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taking  on  dragons,  easy. 


2.  Give  them  what  they  want. 

Dragons  desire  gold,  jewels,  and  princesses.  Have  any  treasure  around? 

A  nice  watch,  petty  cash,  your  silver  sales  award?  More  on  princesses  later. 


1.  Put  the  fire  out. 

Knowing  what  to  do  if  there's  a  fire  is  always  smart. 
That  the  fire  spews  from  the  mouth  of  a  ferocious 
flying  serpent  should  make  no  difference. 


5.  The  princess  defense. 

That  temp  in  finance— bewigged,  begowned,  and  pushed  Dragon- 
ward — may  just  pass  for  a  princess. 

6.  Dragonslayer. 

You  learn  to  slay  Dragons  by  slaying  Dragons.  Win  this  one  and  you'll 
be  an  in-demand  consultant  to  other  Dragon -besieged  companies. 


3.  Use  the  shrink  spell. 

Arthurian  legend  tells  of  the  wizard  Merlin,  who  would  have  known 
how  to  shrink  an  unruly  dragon.  Magic  wand  and  spells  not  included. 


4.  Ask  for  a  break. 

Searing  heat,  slashing  claws,  and  the  beating  wings  of 
hell  will  tire  anyone.  Say  you  need  a  break,  then  just  walk 
quickly  out  the  back. 
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taking  on  security  threats,  easier. 


1.  Implement  Microsoft  Forefront. 

Forefront  makes  defending  your  systems  easier.  It's  a  comprehensive,  simple- 
to-use,  integrated  family  of  products  that  helps  provide  protection  across  your 
client,  server,  and  network  edge.  Learn  how  Del  Monte  Foods  uses  the  Forefront 
family  of  products  to  help  defend  their  systems.  Visit  easyeasier.com 

Forefront  is  business  security  software  for  client,  server,  and  the  network  edge. 


There's  no  good  way  to  find  out  someone  has  stolen 
your  data.  We  can  help  make  sure  you  never  have  to. 


Formerly  Presentation  Server 


Cisco®  ASA  5510  _ 

•  High-performance  firewall,  IPSec  and  SSL  VPN 
services,  and  optional  intrusion  prevention  and 
worm  mitigation  services  through  the  AIP-SSM 
card,  or  comprehensive  malware  protection 
services  through  the  CSC-SSM  card 

•  Cost-effective,  DMZ-enabled  security  solution  on 
a  single  platform 

•  Includes  250  VPN  peers,  license  upgrade  expands 
VPN  capacity 

•  Encryption  algorithms  include  DES,  3DES  and  AES 


Imprivata®  OneSign" 

•  Supports  demanding  workflow  requirements  of 
organizations  by  providing  seamless  single  sign-on 
access  to  all  information  assets  with  fast  and  convenient 
network  authentication 

•  Provides  support  for  fast  user  switching  at  shared  kiosks, 
roaming  desktops  and  context  management 


Citrix®  XenApp,w 

•  Offers  both  application  virtualization  and 
application  streaming 

•  Enables  access  experience  for  any  user,  with  any 
device,  working  over  any  network 

•  Centralize  applications  and  data  in  secure  data 
centers,  reducing  costs  of  management  and 
support,  increasing  data  security  and  ensuring 
fast,  reliable  performance 

Single-user  connection  license  with  Subscription 
Advantage  $600.00  CDW 1176409 


CISCO 
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$2749" 

CDW  792590 


Call  CDW  for  pricing 

CDW  1223471 


CiTRIX 


We're  there  with  the  security  solutions  you  need. 

With  data  and  identity  theft  on  the  rise,  now  might  be  the  best  time  to  start  beefing  up  your  security. 
Lucky  for  you,  CDW  has  people  ready  to  help.  Our  personal  account  managers  work  along  with  highly 
trained  technology  specialists  to  find  the  perfect  data  security  solutions  for  you.  And  with  our  custom 
configuration  services,  everything  will  be  ready  to  go  when  it  arrives.  Call  CDW  today  and  we'll  introduce 
you  to  some  of  the  best  security  guards  in  the  business. 

m  ■  .  -  CDW.com  800.399.4CDW 
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COOLTOOLS 

■  The  Wi-Fi-enabled 
Eye-Fi  Explore  uses 
geo-tagging  to  attach  a 
geographical  location 
to  a  photo.  See  Cool 
Tools,  page  22. 
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GOODBADUGLY 

Mainframe  allegiance 

IT  managers  report  mainframe  use  is 
going  strong.  In  management  vendor 
BMC  Software’s  annual  survey,  65%  of 
1,100  respondents  said  the  mainframe 
platform  will  continue  to  grow  and 
attract  new  workloads,  compared  to  the 
52%  who  said  the  same  in  2007.  In  addi¬ 
tion,  44%  said  that  access  to  the  plat¬ 
form  is  increasing  through  Web  ser¬ 
vices  and  SOA  integration  projects. 

Online  storage  service  folds 

Can  you  trust  your  data  to  the  cloud? 

For  users  of  an  online  storage  service 
called  The  Linkup,  formerly  known  as 
MediaMax,  the  answer  turned  out  to  be 
a  resounding  “no.”The  Linkup  shut 
down  on  Aug.  8  after  losing  access  to 
unspecified  amounts  of  customer  data. 
The  Linkup  CEO  Steve  Iverson  says  at 
least  55%  of  the  data  was  safe.  How 
much  of  the  remaining  45%  was  saved 
is  not  clear,  he  says. 

VMware  bug  bombs 
virtual  servers 
Many  VMware  cus¬ 
tomers  last  week  were 
prevented  from  logging 
on  to  their  virtual  serv¬ 
ers  as  a  bug  distributed 
in  a  software  update  effectively 
stopped  the  boxes  from  powering  up. 
Customers  that  had  updated  their  sys¬ 
tems  with  the  July  27  releases  of  ESX 
3.5  Update  2  and  ESX1  3.5  were  af¬ 
fected  by  the  bug,  which  caused  the 
product  license  to  expire  on  Aug.12. 
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RNC  venue  gets  network  makeover 

Zamboni  storage  room  now  a  temporary  office  space,  wired  for  voice,  data 


IT  teams  are  extending  voice  and  data  networks  to  all  corners  of  the  Xcel  Energy 
Center,  including  the  Zamboni  storage  room,  which  provides  temporary  office 
space  for  30  convention  staff  members. 


BY  ANN  BEDNARZ 

ST.  PAUL,  MINN.  —  What  does  it  take  to  con¬ 
vert  a  hockey  arena  into  a  site  that  can  handle 
the  technology  demands  of  the  Republican 
National  Convention?  Roughly  25  miles  of 
cabling,  for  starters. 

Since  gaining  access  to  the  Xcel  Energy 
Center  in  St.  Paul,  convention  organizers  have 
laid  miles  of  cable,  removed  3,500  seats, started 
transforming  30  arena  suites  into  temporary 
media  studios,  and  begun  rigging  the  trusses 
that  will  hold  lighting,  speakers  and  other  pro¬ 
duction  equipment. 

As  venues  go,  the  arena’s  openness  and  exist¬ 
ing  infrastructure  have  kept  the  IT  challenges 
manageable,  says  Max  Everett,  CIO  for  the 
committee  in  charge  of  the  2008  Republican 
National  Convention.  But  with  less  than  a 
month  until  the  convention  kicks  off  on  Sept.  1 , 
there’s  still  plenty  to  do  to  ready  the  Xcel 
Center,  home  of  the  Minnesota  Wild  profes¬ 
sional  hockey  team,  for  the  45,000  expected 
participants. 

“The  big  issue  for  us  is  capacity  What  we’re 
doing  far  exceeds  normal  usage,”  says  Everett, 
who  served  as  director  of  IT  for  the  Republican 
Party’s  2004  convention  in  New  York  City 
Everett  moved  to  the  St.  Paul  area  14  months 
ago  as  his  involvement  in  this  year’s  conven¬ 
tion  intensified. 

“There  are  a  lot  of  people  pulling  wires  every¬ 


where  right  now?’  he  says.  With  the  main  fiber 
runs  laid,  most  of  the  ongoing  wiring  is  to 
extend  voice  and  data  coverage  to  temporary 
workspaces,  which  are  being  located  in  every 
conceivable  spot.  For  example,  30  people  are 


working  out  of  the  arena’s  Zamboni  storage 
room.  Locker  rooms,  too,  have  become  tempo¬ 
rary  office  space  for  convention  staff. 

“We  have  a  lot  of  people  working  in  odd 

See  RNC,  page  40 


Microsoft  to  alter  virtual  licensing  rules 


BY  JON  BRODKIN 

Virtualization  experts  expect  Microsoft  to 
eliminate  a  licensing  restriction  that  has  ham¬ 
pered  the  mobility  of  virtual  servers,  perhaps  as 
soon  as  this  week. 

Under  current  Microsoft  rules,  software  run¬ 
ning  on  a  virtual  machine  is  licensed  based  on 
the  physical  server.  This  can  be  problematic 
because  of  technologies  such  as  VMware’s 
VMotion,  which  can  move  virtual  machines 
from  one  physical  server  to  another  without 
causing  downtime. 

Microsoft  considers  a  VMotion  move  a 
license  transfer,  and  prevents  customers  from 
making  such  a  transfer  more  than  once  every 

90  days. 

“You  may  reassign  a  software  license,  but  not 
on  a  short-term  basis  (i.e.,not  within  90  days  of 
the  last  assignment),”  Microsoft  says  in  a  licens¬ 


ing  policy  document  for  Windows  Server  2003. 

This  90-day  restriction  also  applies  to  SQL 
Server  2005  and  Exchange  Server  2007. 

“Technically  the  virtual  machine  would  have 
to  remain  on  the  same  physical  machine  for 
three  months,” says  Burton  Group  analyst  Chris 
Wolf,  who  has  written  extensively  about  licens¬ 
ing  on  virtual  servers  and  urges  vendors  to  lift 
such  restrictions. 

In  an  interview  last  month,  Wolf  predicted 
that  Microsoft  would  respond  to  customer  con¬ 
cerns  and  eliminate  the  90-day  restriction,  and 
instead  tie  licenses  to  virtual  machines  rather 
than  physical  ones.“Within  a  few  months  we’re 
going  to  see  those  changes,”  he  said. “I  believe 
the  90-day  restriction  will  go  away’ 

It  could  happen  as  soon  as  Tuesday  In  an 
interview  with  Network  World  last  month, 
Patrick  O’Rourke,  group  product  manager  at 


Microsoft,  discussed  the  90-day  restriction  and 
said  Microsoft  is  considering  licensing 
changes  that  would  give  customers  more  flexi¬ 
bility  in  reassigning  virtual  machines. 

Last  week,  a  Microsoft  spokesperson  said  the 
company  will  announce  licensing  changes  on 
Tuesday 

“As  server  virtualization  becomes  more  main¬ 
stream,  Microsoft  will  be  announcing  new 
licensing  and  support  policies  to  help  cus¬ 
tomers  make  their  data  centers  and  enterprise 
IT  more  dynamic  on  Aug.  19,”  Microsoft  said. 

The  exact  changes  haven’t  been  revealed. 
Lifting  the  90-day  restriction  would  give 
Microsoft  customers  an  ideal  set  of  licensing 
policies  for  virtual  environments, Wolf  wrote  in 
a  January  report. 

Microsoft  already  supports  multiple  virtual- 

See  Microsoft,  page  16 
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What  are  you  missing  right  now? 

Keep  the  best  of  the  Web  with  you  on  the 
nation’s  largest  mobile  broadband  network. 
Just  plug  it  into  your  laptop  and  go. 


Free 


Sierra  Wireless  Compass"'  597 
Requires  eligible  upgrade  (or  new  service 
activation)  on  a  business  account,  data  plan 
and  two-year  agreement. 

Internet  to  go.  Only  on  the  Now  Network. 

sprint.com/mobilebroadband 
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Largest  claim  based  on  total  network  size  (sq.  miles).  May  require  up  to  a  $36  activation  fee/line,  credit  approval  and  deposit.  $200  early  termination  fee/line  applies.  Mobile  Broadband  Card  Offer: 
Offer  ends  12/31/08.  While  supplies  last.  Requires  activation  at  the  time  of  purchase.  Available  for  corporate-liable  accounts  (activations  using  a  business  name  and  tax  ID)  only.  Upgrade:  Existing 
customers  in  good  standing  with  service  on  the  same  device  for  more  than  22  consecutive  months  currently  activated  on  a  service  plan  of  $34.99  or  higher  may  be  eligible.  See  in-store  rebate  form  or 
sprint.com/upgrade  for  details.  Pricing,  offer  terms,  fees  and  features  may  vary  for  existing  customers  not  eligible  for  upgrade.  Mobile  broadband  card  data  plan  required.  See  sprint.com/coverage  for 
details.  Other  Terms:  Offers  not  available  in  all  markets/retail  locations  or  for  all  phones/networks.  Sprint  Mobile  Broadband  Network  reaches  over  248  million  people  (including  data  roaming).  Not 
available  in  all  markets/retail  locations.  Other  restrictions  apply.  See  store  or  sprint.com  for  details.  ©2008  Sprint. 
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Not  the  old  computer  language 

Re:  Is  LISP  going  to  save  the  Internet?  (www 
.nwdocfinder.com/6232): 

The  Locator/ID  Separation  Protocol  isn’t 
intended  to  directly 
touch  upon  address  ex¬ 
haustion.  Its  primary 
focus  is  on  constraining 
growth  in  the  global 
Internet  routing  table. 

The  abstraction  of  end¬ 
point  ID  from  locator  ID 
has  many  potential 
ancillary  benefits  be¬ 
yond  this,  but  that’s  its 
main  goal. 

Roland  Dobbins 

Discuss  at  www.nwdocfinder.com/6232 


M  [Security]  regulations 
are  somewhat  laughable,  as 
they  are  made  by  politi¬ 
cians,  who  are  generally 
clueless  as  to  how  to  imple¬ 
ment  real,  practical  solu¬ 
tions  in  the  real  world.55 


Where’s  the  Exchange  backup? 

Re:  NT  backup  for  Exchange  on  Server  2008? 
(www.nwdocfinder.com/6233): 

Six  months  after  Server  2008  has  been  re¬ 
leased,  and  still  no  native  way  to  back  up  the 
Exchange  database. This  is  ridiculous. 

Removing  a  fundamental  component  of  an 
application  —  the  ability  to  back  it  up  out  of 
the  box  —  is  completely  unacceptable.This  is 
the  sort  of  arrogant  behavior  that  has  me  look¬ 
ing  at  alternative  e-mail  applications  on  alter¬ 
native  operating  systems. 

Gary  McDonnell 

Discuss  at  www.nwdocfinder.com/6233 

Google  and  SIP 

Re:  Will  Google  consider  hosted  telephony? 
(www.nwdocfinder.com/6234): 

I  have  no  doubt  Google  is  moving  in  this 
direction.lt  would  complete  the  circle  of  com¬ 
munication. 

Frank  Cameron 

What  would  be  the  point  of  integrating  with 
some  kind  of  [Session  Initiation  Protocol]  user 
agent?  To  enable  users  to  use  all  kinds  of  SIP 
devices,  half  of  which  will  not  interoperate 
with  the  other  half,  to  make  a  phone  call?  Most 
normal  users  do  not  care  about  this  sort  of 
thing:  They  just  want  to  make  a  call. 


►  SPECIAL  NETWORK  WORLD  FEATURE 


SCAN  THIS  CODE 
with  your  cell 
phone  to  get  the 
latest  IT  network 
news  delivered  to 
your  cellular 
device. 
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To  get  the  client 
software,  use  your  phone  browser  to 
visit  wap.connexto.com 

For  more  information  on  code  scanning 
see  www.mvw.com/codescan 


What  would  be  cool,  though,  is  if  Google 
created  a  platform  for  applications,  similar 
to  the  forthcoming  Advanced  Multimedia 
System  (AMS,  aka  H.325).  Then  you  could 

use  desktop  appli¬ 
cation  and  LCD 
screens  with  your 
mobile  device  for  a 
very  rich  multimedia 
experience. 

The  platform  and 
control  are  key  to 
enabling  applica¬ 
tions  —  and  perhaps 
that’s  what  Android 
might  give  Google  in 
the  end. Then,  with  a 
boatload  of  independent  application-devel¬ 
opers  writing  applications  that  naturally 
integrate  with  the  platform,  Google  would 
make  huge  waves. 

Paul  £.  Jones 

Discuss  at  www.nwdocfinder.com/6234 

Why  security  boondoggles 
happen 

Re:  Flying  to  Defcon  with  no  ID  (www.nw 
docfinder.com/6235) : 

Part  of  the  reason  that  you  have  “multibil- 
lion-dollar  cyber/ID  security  boondoggles”  is 
due  to  a  triple  failure  of  the  system  stake¬ 
holders:  the  users,  the  integrators  and  the 
security  owners  (management  or  adminis¬ 
tration,  depending  on  whether  governmental 
or  civil).  Users  want  the  peace  of  mind  of 
security,  but  aren’t  willing  to  work  with  inte¬ 
grators  or  security  owners  to  change  their 
mind-sets  or  expectations.  Integrators  are  try¬ 
ing  to  sell  as  much  as  possible  without  nec¬ 
essarily  listening  to  user  requirements,  when 
they  can  actually  get  usable  requirements. 
Security  owners  are  usually  trying  to  “make 
the  issue  go  away”  and  think  that  by  spend¬ 
ing  money  they  can  solve  the  issues.They  do 
not  generally  take  a  look  at  the  underlying 
issues,  seeking  only  to  meet  the  minimum 
standards  required  by  regulations.  Such  reg¬ 
ulations  are  somewhat  laughable,  as  they  are 
made  by  politicians,  who  are  generally  clue¬ 
less  as  to  how  to  implement  real,  practical 
solutions  in  the  real  world. 

The  only  way  to  truly  solve  these  issues  is  for 
all  parties  to  sit  down  and  give  the  issues  con¬ 
sideration  from  a  common-sense  and  prag¬ 
matic  viewpoint.  Implementing  expensive  but 
useless  or  frustrating  controls  solves  nothing. 
Ignoring  the  holes  is  just  as  useless.  Only  by 
getting  concrete  policies,  appropriate  technol¬ 
ogy  and  security  awareness  by  people  will  the 
situation  get  any  better.  It’s  as  complex  and  as 
simple  as  that. 

Smajorca 

Discuss  at  www.nwdocfinder.com/6236 

E-mail  letters  to  jdix@nww.com  or  send  them 
to  John  Dix,  editor  in  chief,  Network  World,  492 
Old  Connecticut  Path,  Framingham,  MA  01 701- 
9002.  Please  include  phone  number  and  address 
for  verification 


NETWOBKWORLD 


CEO:  JOHN  GALLANT 

EDITOR  IN  CHIEF:  JOHN  DIX 

■  NEWS 


ONLINE  EXECUTIVE  EDITOR,  NEWS:  BOB  BROWN 

ONLINE  NEWS  EDITOR:  MICHAEL  COONEY 

ONLINE  NEWS  EDITOR:  PAUL  MCNAMARA 

ONLINE  ASSOCIATE  NEWS  EDITOR:  ANN  BEDNARZ  (612)  926-0470 

■  NET  INFRASTRUCTURE 

SENIOR  EDITOR:  JOHN  COX  (978)  834-0554 

SENIOR  EDITOR:  TIM  GREENE 

SENIOR  EDITOR:  ELLEN  MESSMER  (941)  792-1061 

■  ENTERPRISE  COMPUTING 

SENIOR  EDITOR:  JOHN  FONTANA  (303)  377-9057 

■  APPLICATION  SERVICES 

NATIONAL  CORRESPONDENT:  CAROLYN  DUFFY  MARSAN, 

(317)  566-0845 

SENIOR  EDITOR:  DENISE  DUBIE 

SENIOR  EDITOR:  CARA  GARRETSON  (240)  246-0098 

SENIOR  WRITER:  JON  BRODKIN 

■  SERVICE  PROVIDERS 

MANAGING  EDITOR:  JIM  DUFFY  (716)  655-0103 

STAFF  WRITER:  BRAD  REED 

■  NET.WORKER  

EDITOR:  MICHAEL  COONEY 

■  COPY  DESK/LAYOUT 

MANAGING  EDITOR:  RYAN  FRANCIS 
COPY  CHIEF:  TAMMY  O’KEEFE 
SENIOR  COPY  EDITOR:  JOHN  DOOLEY 
COPY  EDITOR:  CAROL  ZARROW 

■  ART 

ART  DIRECTOR:  BRIAN  GAIDRY 
ASSOCIATE  ART  DIRECTOR:  STEPHEN  SAUER 

■  FEATURES 

EXECUTIVE  FEATURES  EDITOR:  NEAL  WEINBERG 

■  CLEAR  CHOICE  TESTS 

EXECUTIVE  EDITOR,  TESTING:  CHRISTINE  BURNS,  (717)  243-3686 
LAB  ALLIANCE  PARTNERS:  JOEL  SNYDER,  Opus  One;  JOHN  BASS, 
Centennial  Networking  Labs;  BARRY  NANCE,  independent 
consultant;  THOMAS  POWELL,  PINT;  Miercom;  THOMAS 
HENDERSON,  ExtremeLabs;  TRAVIS  BERKLEY,  University  of 
Kansas;  DAVID  NEWMAN,  Network  Test;  CHRISTINE  PEREY, 
Perey  Research  &  Consulting;  JEFFREY  FRITZ,  University  of 
California,  San  Francisco;  JAMES  GASKIN,  Gaskin  Computing 
Services,  MANDY  ANDRESS,  ArcSec;  RODNEY  THAYER, 
Canola  &  Jones 

CONTRIBUTING  EDITORS:  DANIEL  BRIERE.MARK  GIBBS,  JAMES 

KOBIELUS,  MARK  MILLER 

■  HETWORKWORLD.COM 

EXECUTIVE  EDITOR,  ONLINE:  ADAM  GAFFIN 

SITE  EDITOR:  JEFF  CARUSO,  (631)  584-5829 

SITE  PRODUCER:  JONATHAN  SUMMEY 

ASSISTANT  SITE  EDITOR:  LINDA  LEUNG,  (510)  647-8960 

COMMUNITY  EDITOR:  JULIE  BORT  (970)  482-6454 

PROGRAM  DIRECTOR:  KEITH  SHAW,  (508)  766-5444 

MULTIMEDIA  EDITOR:  JASON  MESERVE 

ASSOCIATE  ONLINE  EDITOR:  SHERYL  HODGE 

ONLINE  ASSOCIATE  ART  DIRECTOR:  ZACH  SULLIVAN 

■  NEW  DATA  CENTER  SUPPLEMENTS _ 

EDITOR:  BETH  SCHULTZ,  (773)  283-0213 
COPY  EDITOR:  CAROL  ZARROW 

EDITORIAL  OPERATIONS  MANAGER:  CHERYL  CRIVELLO 

OFFICE  MANAGER,  EDITORIAL:  PAT  JOSEFEK 

MAIN  PHONE:  (508)  766-5301 

E-MAIL:  first  namejast  name@nww.com 


8  •  AUGUST  18,  2008  •  www.networkworld.com 


SMART  MFPs? 

HOW  ABOUT  GENEROUS  TOO? 


Start  with  paying  up  to  30%  less  for  your  color  printing.  Then  add 
in  getting  color  accents  for  the  price  of  a  black-and-white  page. 

The  HP  CM8060  MFP  with  Edgeline  Technology  doesn't  stop  there:  it  also 
prints  and  copies  50  color  pages  a  minute,  so  your  organization  can 
be  even  more  productive.  That's  alternative  thinking  about  printing. 


hp.com/go/8060 


AH)8  He  wlett-Packard  Development  Company,  L.P.  Simulated  images. 
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I BLDGl SPHERE 


■  IPhone  apps  more  locked  down  than 
you  think.  Craig  Matthias  ponders  Steve 
Jobs'  admission  that  Apple  has  enabled  a 
way  to  delete  software  it  doesn’t  like  from 
your  new  iPhone:  “Competition  will  ulti¬ 
mately  force  Apple  to  do  the  right  thing,  or 
they'll  have  to  be  content  with  2%  market 
share.  In  the  meantime,  repeat  after  me:  Lord 
Steven  is  my  master,  and,  yea,  though  I 
payeth  for  my  iPhone,  it  is  he  and  ATTus  that 
doth  really  own  it,  and  I  shall  computeth  only 
that  which  they  so  deemeth  acceptable,  on 
earth  as  it  is  in  Cupertino,  pax  iPhono,  amen." 
www.nwdocfinder.com/6246 

■  Minimizing  spoofing  problems.  Yusuf 
Bhaiji  runs  down  some  techniques:  “IP 
spoofing  is  one  of  the  most  common  net¬ 
work  attacks.  Many  security  designs  and 
solutions  lack  this  fundamental  proactive 
prevention  technique.  Usually,  I  see  people 
implementing  reactive  prevention.  My  rec¬ 
ommendation  is  to  apply  proactive  security 
measures  to  protect  the  network  from  any 
unforeseen  IP  spoofing  attacks." 
www.nwdocfinder.com/6248 

■  Russian  cyberwar  may  have  started 
early.  Richard  Stiennon  looks  at  attacks  on 
a  Georgian  government  Web  site  (ironically 
hosted  in  Atlanta)  that  began  before  the 
actual  war  between  Russia  and  Georgia: 
“Russian  military  surrogates  in  the  form  of 
the  criminal  Russian  Business  Network  are 
engaged  in  attacks  against  servers  on  U.S. 
soil. This  point  should  be  brought  up  as  the 
Group  of  8-1  discusses  appropriate  re¬ 
sponses  to  Russia's  attack  on  Georgia.  . .  . 
Was  this  whole  war  premeditated  on  the 
part  of  Russia?  Did  they  incite  Georgia  to 
take  action  against  the  separatists  at  a  time 
that  was  oh-so-conveniently  coincident 
with  the  start  of  the  Olympics  in  Beijing?  I 
may  be  suffering  from  time-zone  confusion, 
but  when  the  dust  settles,  Russia  is  going  to 
have  some  explaining  to  do. . . .  How  did  the 
criminals  at  RBN  know  to  launch  attacks 
when  they  did?" 
www.nwdocfinder.com/6249 

■  Tucking  into  Tux.  Denise  Dubie  reports 
on  a  poll  at  the  LinuxWorld  conference  of 
participants’  favorite  open  source  mascots: 
“The  Mozilla  Firefox  was  the  preferred  mas¬ 
cot  for  nearly  50%  of  the  1,100  fans  polled 
during  the  conference.  Beastie,  the  BSD 
Demon,  placed  second  among  those  sur¬ 
veyed  with  nearly  32%  of  the  vote;  and  Tux 
came  in  a  distant  third  with  just  6.6%  of  the 
vote  ahead  ofThe  GNU  Gnu,  which  garnered 
a  paltry  2.3%  from  supporters." 
v/ww.nwdocfinder.com/6250 


Going  beyond  FTP 

Proginet  CEO  Sandy 
Weil  discusses  man¬ 
aged  file  transfer,  how 
it  differs  from  FTP,  and 
how  it  can  solve  long¬ 
distance,  high-latency 
file  transfer  problems 
and  can  get  around  the 
large  file  within  e-mail 
systems  conundrum. 

www.nwdocfinder.com/6239 


INTERVIEWS,  THE  COOLEST  TOOLS  AND  MORE 


IDG  NEWS  WIRE: 


IDG  NEWS  WIRE 


ITlfcff 


Oakland  gets  unified 

After  10  years  of 
research  and  rollouts, 
the  city  of  Oakland, 
Calif.,  says  it’s  reaping 
savings  and  benefits 
from  its  VoIP  deploy¬ 
ment,  with  about  4,600 
employees  switched 
over. 

www.nwdocfinder.com/6240 


Cell  phone  includes 

compass, 

thermometer 

Casio's  latest  G’zOne 
phone  includes  a  com¬ 
pass,  thermometer,  tide 
charts,  sunrise/sunset 
times,  moon  phases 
and  more.  The  water¬ 
proof  phone  is  exclu¬ 
sive  to  Japan,  but  could 
be  implemented  in 
overseas  models  in  the 
future. 


www.nwdocfinder.com/6241 


BEST  OF  NWW’S 

NEWSLETTERS 

How  the  FCC's  ruling  against 
Comcast  could  affect  networks 


Wide-area  networking:  Last  time,  we  dis¬ 
cussed  the  FCC’s  Aug.  1  ruling  that  Comcast 
was  acting  improperly  in  using  deep  packet 
inspection  technology  to  selectively  block 
certain  types  of  traffic,  especially  concentrat¬ 
ing  on  peer-to-peer  traffic  that  might  be  con¬ 
sidered  to  be  competitive  with  its  own  ser¬ 
vice  offerings. Today,  we’ll  offer  some  further 
opinions  on  this  ruling  and  its  impact  on 
corporate  networks.  Perhaps  some  of  the 
best  news  for  corporate  network  managers 
is  that  this  is  proof  that  equipment  designed 
for  DPI  actually  works  —  and  evidently 
works  well.  So  if  you  decide  that  you  need 
more  control  for  P2P  traffic  on  your  corpo¬ 
rate  network,  this  seems  to  be  quite  an 
endorsement.  And,  again  pointing  out  that 
we’re  not  lawyers,  there  seems  to  us  to  be  a 
fundamental  difference  in  the  ability  to  filter 
traffic  on  your  own  corporate  network  and 
on  public  networks. 
www.nwdocfinder.com/6244 


Wireless:  The  global  voice  and  data  roam¬ 
ing  charges  users  incur  when  they  travel 
internationally  have  long  been  a  thorn  in 
the  side  of  multinational  companies.  Usage 
for  data  is  particularly  difficult  to  control 
for  several  reasons,  one  of  which  is  that 
some  of  the  usage  gets  sucked  up  by  back¬ 
ground  housekeeping  duties  —  such  as  reg¬ 
ular  automatic  checks  to  weather,  e-mail 
and  other  services.  Even  if  there’s  no  new 
data  downloaded,  these  pings  eat  up  some 
portion  of  the  allotted  kilobytes.  AT&T,  the 
Apple  iPhone’s  sole  carrier  in  the  United 
States,  has  global  data  packages  that  can 
cost  multinationals  as  much  as  nearly 
2  cents  per  kilobyte  in  overage  charges, 
depending  on  the  country.  Given  that  so 
much  of  future  smartphone  usage  will  be 
for  data  and  multimedia,  can  enterprises 
use  their  devices  globally  without  quaking 
in  fear  of  the  ultimate  tab? 
www.nwdocfinder.com/6245 
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Military  lays  out  $4.4M  for 
network  monitoring  technology 

Bigger,  better  and  faster  are  the  driving  themes  behind  the  advanced  network¬ 
monitoring  technology  BBN  Technologies  is  building  for  the  military  The 
high-tech  firm  got  a  $4.4  million  contract  last  week  from  the  Defense 
Advanced  Research  Projects  Agency  to  develop  novel,  scalable,  attack-detection 
algorithms  and  a  flexible,  expandable  architecture  for  implementing  and  deploy¬ 
ing  them.  The  network-monitoring  system  is  being  developed  under  DARPAs 
Scalable  Network  Monitoring  program,  which  seeks  to  bolt  down  network  secu¬ 
rity  in  the  face  of  cyberattacks  that  have  grown  more  subtle  and  sophisticated. 
Some  of  the  programs  requirements  are  a  probability  of  detecting  malicious  traf¬ 
fic  of  greater  than  99%  per  attack  launched;  a  false-alarm  rate  while  monitoring 
traffic  of  not  more  than  one  false  alarm  per  day;  and  support  capabilities  at  con¬ 
ventional  gateway  line-speeds  of  lGbps  in  the  first  phase  of  the  contract  and 
lOOGbps  in  its  second  phase,  www.nwdocfinder.com/6260 


Storage  boom  drives  strong  Brocade 
results.  Brocade  Communications  Systems 
rode  a  boom  in  network  storage  to  double¬ 
digit  revenue  growth  and  earnings  that  beat 
analysts’  expectations  in  its  fiscal  third 
quarter. The  company,  which  sells  storage- 
network  gear  under  its  own  name  and  big- 
name  brands  including  EMC  and  IBM,  last 
week  reported  revenue  of  $365.7  million  for 
the  three  months  ending  July  26. That  was  a 
nearly  12%  increase  from  $327.5  million  in 
revenue  a  year  earlier  and  surpassed  a  con¬ 
sensus  forecast  of  about  $352  million  from 
analysts  polled  by  Thomson  Financial. 
Brocade’s  growing  revenue  helped  drive 
net  income,  which  reached  $20.3  million, 
nearly  double  that  of  a  year  earlier. 
Enterprises’  need  to  keep  more  data  and 
consumers’  desire  to  store  more  content 
online  are  fueling  the  growth  of  Brocade 
and  other  storage  vendors,  said  analyst  Tam 
Dell’Oro  of  The  Dell’Oro  Group. 
www.nwdocfinder.com/6261 

HP  buys  WLAN  vendor  Colubris.  HP 

ProCurve’s  acquisition  of  Colubris  Net¬ 
works  is  a  strategic  move  by  the  company 
to  increase  its  visibility  in  the  wireless-LAN 
market  and  extend  its  penetration  into 
such  key  vertical  markets  as  education, 
hospitality,  transportation  and  healthcare. 
Announced  last  week,  the  deal  will  help 
HP  ProCurve  address  market  requirements 
faster  with  IEEE  802.1  In  products  that 
complement  its  own,  supplied  primarily 
through  an  OEM  arrangement  with 
Motorola.  Financial  terms  of  the  deal  were 
not  disclosed.  Product  and  operations- 
integration  issues  are  still  being  worked 
out,  but  HP  ProCurve  plans  to  keep 
Colubris  facilities  in  Massachusetts  and 
Canada  up  and  running. 
www.nwdocfinder.com/6262 
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Open  source  advocates  hail  court  rul¬ 
ing.  Free-software  advocates  are  praising  a 
federal  appeals  ruling  that  allows  greater  pro¬ 
tection  for  open  source  software  against 
copyright  infringement. 

The  case  concerns  ^ 

Kam  Industries,  - 

which  downloaded 
open  source  code 
for  use  in  a  product 
that  programs  the 
chips  controlling 
model  trains.  Robert 
Jacobsen,  who  wrote  the 
code,  alleged  that  Kam  violat¬ 
ed  the  terms  of  the  Artistic  License  and  in 
turn  violated  the  software’s  copyright. 
Jacobsen  sought  an  injunction  to  prevent 
Kam  from  using  the  software,  which  was 
denied  by  the  U.S.  District  Court  for  the 
Northern  District  of  California.The  U.S.  Court 
of  Appeals  for  the  Federal  Circuit,  however, 
overturned  the  ruling  last  week.The  key  point 
in  the  ruling  is  that  it  gives  those  who  use  the 
Artistic  License  the  leverage  to  argue  copy¬ 
right  infringement  rather  than  just  breach  of 
contract  —  which  opens  the  door  to  statu¬ 
tory  damages. 

www.nwdocfinder.com/6263 


Nortel  buys  Pingtel.  Nortel  announced  the 
acquisition  of  Pingtel’s  software-based  unified 
communications  system.  Pingtel  is  owned  by 
Bluesocket,  a  developer  of  enterprise  mobility 
products.  Pingtel  will  provide  new  Session 
Initiation  Protocol-based  software  capabilities 
to  Nortel’s  enterprise  unified  communica¬ 
tions  portfolio,  as  well  as  additional  R&D 
capabilities.  Pingtel  and  Nortel  had  an  OEM 
relationship,  but  the  acquisition  gives  Nortel 
ownership  of  the  Pingtel  technology  and  fur¬ 
thers  the  company’s  ambitions  to  become 
more  software-centric.  Under  the  terms  of  the 


agreement,  Nortel  will  acquire  the  assets  of 
Pingtel  from  Bluesocket.  Financial  terms  were 
not  disclosed. 

www.nwdocfinder.com/6264 

Hosted  e-mail  growing  strong.  The  num¬ 
ber  of  hosted  e-mail  seats  will  grow  by  nearly 
40%  in  the  next  four  years,  climbing  from 
1.6  billion  seats  today  to  2.2  billion  by  2012, 
according  to  a  new  study  by  The  Radicati 
Group. Two  sources  of  fuel  for  the  growth  are 
the  evolution  of  the  technology  and  IT’s 
changing  attitude  about  hosting.The  hype 
around  cloud  computing  also  is  helping  in¬ 
terest  in  online  services.  In  addition,  providers 
are  adding  other  features,  including  archiving, 
compliance, security  and  social-networking 
tools,  to  make  hosted  offerings  more  attrac¬ 
tive,  the  research  firm  says.The  survey  breaks 
hosting  providers  into  three  categories: 
hosted  business  e-mail  that  targets  compa¬ 
nies  with  one  to  1 ,000  mailboxes;  managed 
business  email,  typically  used  by  large  enter¬ 
prises;  and  ISP-  or  Web-mail  services  that  are 
largely  free  and  target  consumers. 
www.nwdocfinder.com/6265 

AT&T  snags  Boeing  contract.  Boeing  is 
paying  AT&T  $400  million  over  the  next  five 
years  to  consolidate  its  voice  and  data  net¬ 
works  into  one  IP-based  system.  Boeing  will 
use  AT&T’s  WAN  services,  voice  and  audio 
conferencing  systems,  managed  Internet  ser¬ 
vice,  and  wireless  voice  and  data  services. 
AT&T  says  it  will  implement  its  MPLS-enabled 
VPN  to  give  Boeing  employees  enterprise 
connectivity  and  also  to  support  internal 
voice  capabilities  that  will  extend  to  the  com¬ 
pany’s  remote  workforce,  suppliers  and  busi¬ 
ness  partners.“Moving  to  a  primary  service 
provider  is  expected  to  help  Boeing  achieve 
significant  cost  savings  and  increase  produc¬ 
tivity’ says  Radha  Radhakrishnan,  Boeing’s 
vice  president  of  computing  and  network 
operations,  www.nwdocfinder.com/6266 

Cisco  combines  SMB  engineering 
teams.  Cisco  has  combined  the  engineering 
teams  for  all  its  small-to-midsize  business 
products,  forming  a  single  group  to  develop 
products  for  the  Cisco  and  Linksys  brands. 
The  new  team  could  swap  features  across  the 
two  brands,  bringing  Linksys’  ease-of-use 
innovations  to  Cisco  gear,  and  more- 
advanced  capabilities, such  as  customization 
features,  from  the  parent  brand  to  Linksys 
equipment,  says  Andrew  Sage,  a  Cisco  vice 
president.  Products  developed  by  the  com¬ 
bined  team  should  start  hitting  the  market 
within  six  months,  he  says.The  move,  which 
comes  as  Cisco  also  folds  its  Linksys  channel- 
partner  program  into  Cisco’s,  is  the  latest 
nudge  toward  an  eventual  elimination  of  the 
Linksys  brand  that  executives  have  hinted  at 
several  times. 

www.nwdocfinder.com/6267 
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The  road  to  virtualization  now 


InfraStru^ 


DATA  CENTERS  ON  DEMA 


7  Principles  of  InfraStruXure®  HD-Ready  architecture... 


1  Rack  enclosures  that  are  HD-Ready 

Start  with  vendor  neutral  NetShelter®  SX  racks,  engineered  to  handle 
the  airflow  and  power  needs  of  power-hungry,  high-density  servers. 


2  Metered  PDUs  at  the  rack  level 

Install  metered  rack  PDUs  to  indicate  which  racks  and  outlets  have  capacity  for  new  HD  servers. . . 
and  which  ones  don't. 

3  Temperature  monitoring  in  the  racks 

Add  local  or  remote  monitoring  of  temperature  and  humidity  where  it  counts  -  in  your  enclosures. 

4  Centralized  monitoring  software  (not  shown) 

Monitor  all  power,  cooling,  security,  and  environments  from  one  management  system  using 
real-time  data  at  the  row,  rack,  and  U-level. 


5  Operations  software  with  predictive  capacity  management  »=« 

Conventional  operations  software  simply  manages  inventory  fluctuations  and  configuration  changes. 
Our  capacity  management  software  does  this  and  more  -  simulating  and  predicting  the  true  impact  a 


new  server  or  other  equipment  will  have  on  your  power  and  cooling  infrastructure.  Only  through  predic- 


6 

7 


tive  simulation  can  you  avoid  overloading  circuits  and  generating 
hot  spots. 

Efficient  InRow  cooling  products 

Innovative,  responsive  variable  speed  fans  optimize  efficiency  by 
closely  matching  performance  to  your  variable  cooling  needs. 

UPS  power  that  is  flexible  and  scalable 


APC's 

Capacity  Manager 

has  received  a 
2007  Data  Center 
Products  of  the  Year 
Gold  Award  from 
Searchdatacenter.com 


Respond  quickly  and  efficiently,  without  wasteful  oversizing,  as  UPS  power  demands  grow.  Depending 
on  your  needs,  choose  a  scalable  row,  in-room,  or  back  room  UPS  solution. 


. . .  overlay  an  InfraStmXure  zone 
into  an  existing  large  data  center. . . 


Running  a  large  data  center  facility  is  challenging  enough 
without  the  intense  pressures  on  power,  cooling  and  management 
caused  by  high-density  computing  and  exacerbated  by  virtualiza¬ 
tion.  The  flexible  InfraStruXure  architecture  allows  you  to  identify 
your  specific  areas  of  high-density  computing  and  "overlay"  the 
InfraStruXure  zone  -  no  matter  the  size  or  configuration.  Not  only  is 
InfraStruXure  compatible  with  all  leading  IT  brands,  but  also  with 
any  and  all  existing  power  and  cooling  architectures.  Neutralize 
and  manage  high-density  zones  in  your  existing  facility  that  would 
otherwise  be  too  hot  to  cool  with  perimeter-only  solutions. 


' 


InfraStruXure* 


has  a  high  speed  lane. 


Efficiency  &  Virtualization 

Your  servers  are  efficient  but  is  your  power  and  cooling? 


COOLING 

USAGE/CAPACITY 

SERVERS 

POWER 

USAGE/CAPACITY 


Pre-Server  Virtualization 


□  Correct  Server  Utilization 

□  CorTect-sized  Power 

□  Correct-sized  Cooling 


Q 


Big  gains  could  be  made  with  both 
server  and  power  and  cooling. 


* 


Post-Server  Virtualization 


Grossly  oversized  power  and  cooling  cancels 
out  potential  gains  made  by  virtualizing. 


0  Conect  Server  Utilization 

□  Correct-sized  Power 

□  Correct-sized  Cooling 


□  EOT  16 

U  Mil  HH  Efficien 


j°/o* 

Efficiency 


Server  Virtualization  with  Power  and  Cooling 


Right-sized  power  and  cooling  tip  the  balance  back  in  your  favor. 


|Vf  Conect  Server  Utilization 
El  Correct-sized  Power  n 

IZf  Correct-sized  Cooling  LJ 


Gain  thermal  efficiency  with  our  InRow  cooling  products. 
Closely  coupling  the  AC  with  the  heat  source  reduces  the 
distance  coid  air  must  travel  (from  50  feet  down  to  5  feet), 
prevents  hot  exhaust  air  from  mixing  with  cool  air  in  the 
room,  and  allows  more  targeted  precision  cooling. 


in  .  *  Efficiency  Index:  According  to  the  Green  Grid. 

■  •  ■  ■  efficiency  is  based  on  the  relative  relationship  between 

*  ■■  *  the  green  gncr  server  utilization  and  the  overall  power  and  cooling 
efficiency.  If  you  right-size  one  without  the  other,  you 
won’t  realize  true  efficiency  gains. 


(HD)  racks  right  now... 


...or  deploy  InfraStruXure 
as  the  foundation  of  your 
entire  data  center  or  server  room. 


As  technology  shifts  toward  high-density,  forward-thinking  IT 
managers  are  laying  basic  HD  framework  in  place,  so  they  can 
respond  quickly  to  future  change.  InfraStruXure  is  a  simple  yet 
dynamic  drop-in  solution  that  can  be  quickly  scaled  up  to  higher 
density.  When  you're  ready,  go  from  low  to  high-density  by 
adding  enhanced  monitoring,  power  and  temperature  control, 
software  management,  and  higher  capacity  AC  units. 

If  you're  already  feeling  the  heat  from  high-density  driven  by 
virtualization,  the  InfraStruXure  HD-Ready  system's  row-based 
cooling  and  management  will  allow  you  to  handle  20kW  or 
more  per  rack  and  deliver  system-wide  visibility  and  control. 

The  standardized  architecture  lets  you  grow  modularly  over 
time,  or  virtualize  anywhere  and  anytime  you  need  to. 


Virtualization  is  here  to  stay. 

And  it's  no  wonder,  since  it  saves  space,  reduces  power  consumption 
and  gives  the  flexibility  and  control  to  maximize  your  IT  resources.  But 
these  benefits  of  a  smaller  footprint  come  at  a  cost.  Virtualized  servers, 
even  at  50%  capacity,  require  special  attention  to  cooling,  no  matter  the 
size  of  the  zone,  system,  or  overall  data  center. 

1 .  Heat  Server  consolidation  creates  higher  densities  per  rack.  This,  in  turn, 
generates  more  and  more  heat,  putting  your  equipment  and  overall  system 
at  risk  for  downtime  and  failure. 

2.  Inefficiency  Perimeter-only  cooling  solutions  just  can't  handle  the  heat 
at  its  source  in  the  racks  or  rows  where  higher  densities  exist.  As  a  result, 
you're  forced  to  compensate  by  over  cooling  at  high  energy  costs  -  with 
disappointing  results. 

3.  Power  Events  Virtual  loads  are  constantly  on  the  move,  making  it  hard  to 
predict  available  power  and  cooling.  One  tripped  breaker  could  mean 
serious  and  irreversible  damage  to  your  network. 

Removes  barriers  to  high-density  for  good. 

Power  and  cooling  issues  driven  by  high-density  shouldn’t  stop  you 
from  adopting  valuable  trends  like  virtualization.  This  is  why  APC  has 
created  the  HD-Ready  InfraStruXure  architecture.  As  a  stand-alone 
system  or  as  a  zone  within  your  existing  data  center,  InfraStruXure 
gets  you  to  the  next  level. 

Simple  to  design,  configure,  and  install,  HD-Ready  InfraStruXure 
architecture  lets  you  decide  when  and  where  to  handle  higher 
densities,  in  a  specific  zone  or  system-wide.  Now,  with  HD-Ready 
InfraStruXure,  you  can  get  cooling  into  the  virtualized  high-density  row, 
control  power  at  the  rack  level,  and  manage  the  system  through 
advanced  software  and  simulation,  which  alerts  you  to  potential 
threats  to  a  virtualized  environment. 

Take  the  right-sized  approach  to  true  efficiency. 

You're  virtualizing  to  reduce  overall  energy  consumption.  By  eliminat¬ 
ing  under-utilized  servers  (sometimes  at  a  7:1  ratio)  you  will  waste 
less  energy.  But  wait ...  data  center  efficiency  depends  on  the  relative 
efficiencies  of  power,  cooling,  and  servers.  You  can't  right-size  one  and 
not  the  others.  If  you  do,  you've  just  left  your  efficiency  savings  on  the 
table  (See  "Efficiency  and  Virtualization"  to  the  left). 

To  right-size,  you  can  depend  on  the  efficient  and  modular  HD-Ready 
InfraStruXure.  Its  UPS  technology,  combined  with  our  one-of-a-kind 
row-based  cooling  technology  with  optional  hot  aisle  containment,  will 
neutralize  heat  at  the  source.  Your  equipment  will  be  safer  and  more 
efficient  running  closer  to  100%  capacity.  No  more  threats  to  equip¬ 
ment,  no  more  under-utilized,  oversized  power  and  cooling. 

Don't  agonize,  virtualize. 

What  are  you  waiting  for?  The  APC 
HD-Ready  InfraStruXure  architecture  is 
so  versatile,  anyone  can  virtualize,  any¬ 
time,  anywhere.  Just  drop  it  in  and  go.  by  Schneider  Electric 


Why  do  leading  companies  prefer  InfraStruXure  6  to  1  over  traditional 
data  center  designs?  Rnd  out  at  wwwj(compatible.com 
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The  following  have  been  tested  and  work 
best  with  InfraStraXure  Solutions™ 


D 


SQUARE  □ 


Square  D ®  is  a  market-leading  global 
brand  of  Schneider  Electric  for  NEMA 
type  electrical  distribution  and  industrial 
control  products,  systems  and  services. 


j:  TAC  provides  building  environment 

A  services  for  indoor  climate,  security  and 
I  energy  use,  via  advanced  technology  to 
I  end-users  and  property. 

8 

WAX. 

|  Dell  is  a  global  systems  and  services 

|  company  offering  a  broad  range  of  product 
|  categories  including  desktop  computer 
I  systems,  servers  and  networking  products, 
|  mobility  products,  software  and  peripherals 
C  and  enhanced  services. 


% 

Cisco,  the  leading  supplier  of 
networking  equipment  and 
network  management  for  the 
Internet,  recognizes  APC  as  a 
Cisco  Technology  Developer 
Program  partner  for  its 
InfraStruXure ®  architecture. 


Microsoft 

APC  is  proud  to  be  recognized  as  a 
supporter  of  the  Microsoft  Technology 
Centers  throughout  the  U.S.  with  our 
InfraStruXure  solution. 


I  PELCO 

|  Pelco  is  a  worldwide  leader  in  the  design . 
|  development  and  manufacturing  of  video 
i  security  systems. 
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EMC? 


SELECT 


APC  is  a  member  of  the 
EMC  Select  program  which 
offers  the  InfraStruXure 
product  line  to  complete 
your  EMC  Storage  Solution. 


ALLIANCE 
-£.-=^-1?=.®  PARTNER 

The  largest  computer  company  in 
the  world.  IBM  manufactures  and 
sells  hardware  and  software  and 
offers  infrastructure  services,  hosting 
services,  and  consulting  services 
in  areas  ranging  from  mainframe 
computers  to  nanotechnology. 

Go  to  www.xcompatible.com 
to  learn  more  about  how  these 
products  work  with  InfraStruXure  s 
high-density  solutions. 

sEFLr* 

Download  a  FREE  copy 
of  APC  White  Paper  #126: 

"An  Improved  Architecture 
for  High-Efficiency,  High-Density 
Data  Centers"  and  start  running 
more  efficiently  today! 

Visit  www.apc.com/pramo 
Enter  Key  Code  c660w 
Call  888-289-APCC  x9613 
Fax  401-788-2797 
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line  wireless  companies  to  watch 

Convergence  and  energy  savings  lead  the  way  in  wireless  innovation 


BY  JOHN  COX 

Wireless  and  mobile  technology  is  speeding 
up.  In  our  latest  update,  as  always,  we  focus  on 
products  and  services  that  can  impact  corpo¬ 
rate  computing. 

Here  are  nine  wireless  companies  that 
should  be  on  every  network  manager’s  radar. 

Celio 

Founded:  July  2006 

Location:  Salt  Lake  City 

What  does  the  company  offer?  The  ulti¬ 
mate  Windows  Mobile  smartphone  acces¬ 
sory:  Redfly,  a  notebook-like  dis¬ 
play  screen,  compact  keyboard 
and  mouse.  It  links  to  an 
expanding  selection  of  phones 
via  Bluetooth  or  USB.  No  operat¬ 
ing  system,  CPU  or  disk,  just  a 
video  card  that  processes  the 
screen  from  a  handset  so  it’s  . . . 
big.  Often  compared  with  Palm’s 
ill-fated  Foleo  device,  Redfly  differs  because 
it’s  not  something  that  has  to  be  managed 
or  secured.  Drawbacks:  no  speakers,  so  it’s 
not  great  for  playing  World  of  Warcraft 
online. 

Why  is  it  worth  watching?  Some  early 
users  are  taking  Redfly  and  deploying  it 
along  with  remote  access  and  virtualized 
desktops. 

How  did  the  company  get  its  start?  Main 
investor  VSpring  Capital  had  the  idea  that 
the  smartphone  should  be  and  could  be  the 
only  computer  anyone  needed.  But  to  make 
that  possible  required  exactly  what  the 
handsets  sacrifice:  a  big  screen  and  a  full 
keyboard.  Redfly  was  designed  to  fill  the 
gap. 

CEO  and  background:  Kirt  Bailey,  whose 
previous  job  was  director  of  strategic  invest¬ 
ments  at  Intel  Capital.  Earlier,  he  was  gener¬ 
al  manager  for  Intel’s  Network  Components 
Division,  a  $  100-mi  11  ion-a-year  business. 


Celio’s  Redfly  device  is  the  ultimate 
Windows  mobile  accessory,  the  com¬ 
pany  says. 


GainSpan 

Founded:  September  2006,  as  a  spinout 
from  Intel 

Location:  Los  Gatos,  Calif. 

What  does  the  company  offer?  A  802. 1  lbg 
implementation  via  a  dual-core  ARM  sys- 
tem-on-a-chip  and  software,  which  uses  so 
little  power  that  Wi-Fi-based  sensors  can  be 
run  for  years  on  simple  batteries.  An  aston¬ 
ishing  achievement  when  you  think  how 
long  you  can  run  a  notebook’s  Wi-Fi  radio 
before  getting  a  blank  screen. 

Why  is  it  worth  watching?  It  introduces  IP 
and  802.11  as  a  viable,  proven 
technology  for  wireless  sensor 
networks  that  can  be  easily 
integrated  with  the  enterprise, 
without  gateways  or  separate 
networks  and  protocols  stacks. 

How  did  the  company  get  its 
start?  The  company  incubated 
in  Intel’s  New  Business 
Initiatives  Group,  where  co-founders  Vijay 
Parmar  and  CTO  Lewis  Adams  explored 
sensor  networks,  drawing  on  work  by  Intel 
Research,  and  talking  extensively  with 
potential  customers  in  building  automation 
and  industrial  markets. The  constant  refrain: 
“we  want  IP”  and  “we  want  integration  with 
the  enterprise.” 

CEO  and  background:  Vijay  Parmar,  also 
president,  who  headed  the  Intel  business 
unit  that  was  the  basis  of  the  GainSpan  spin¬ 
out;  formerly  an  executive  with  VxTel,  a  VoIP 
silicon  company,  and  with  AMD  in  that 
company’s  networking,  communications 
and  personal  computing  businesses. 

Mojix 

Founded:  Incorporated  August  2003;  for¬ 
mally  launched  April  2008 

Location:  Los  Angeles 

What  does  the  company  offer?  The  Mojix 
STAR  System,  a  distributed  passive  RFID  sys¬ 
tem  that  lets  a  single  Mojix-patented  anten¬ 
na  array  read  tag  emissions  as  far  as  1 ,000 
feet  away,  compared  with  the  typical  RFID 
reader  range  of  30  feet.  Mojix  splits  the 
reader  in  two:  the  beaming  to  tags  is  done 
by  eNodes,  which  can  be  easily  set  up 
anywhere.They’re  wired  (and  in  future  wire¬ 
lessly  linked)  to  the  Wow  Thing;  the  STAR 
Receiver,  which  uses  some  signal-process¬ 
ing  technology  drawn  from  NASA,  for  read¬ 
ing  very  faint  signals  from  deep  space 
probes. 

Why  is  it  worth  watching?  The  Mojix  tech¬ 
nology  could  finally  make  it  cost-effective 
to  deploy  full-blown  RFID  systems  across 
big,  and  numerous,  distribution  and  manu¬ 
facturing  facilities,  giving  enterprises  what 


they  want:  visibility  into  where  stuff  is. 

How  did  the  company  get  its  start?  The 
signal  processing  technology  was  devel¬ 
oped  by  Mojix  founder  Ramin  Sadr,  who 
began  applying  it  to  software-defined  radio 
research,  and  then  focused  the  research  on 
a  commercial  product  for  the  RFID  market. 

CEO  and  background:  Ramin  Sadr,  holder 
of  15  NASA  achievement  and  recognition 
awards  for  his  work  in  the  space  program. 
His  previous  entrepreneurial  gig  was 
founder,  president  and  CEO  of  Telecom 
Multimedia  Systems,  which  created  WAN 
infrastructure  gear. 

Ozmo  Devices 

Founded:  December  2004,  as  H-Stream 
Wireless 

Location:  Palo  Alto 

What  does  the  company  offer?  A  driver  for 
Windows  laptop,  and  a  small,  low-power,  Wi¬ 
Fi  silicon-and-software  component  that 
manufacturers  build  into  headsets,  mice, 
keyboards,  printers,  speakers,  Webcams  and 
anything  else  you  might  want  to  connect  to. 
In  effect,  a  laptop’s  Wi-Fi  radio  becomes  an 
access  point  for  these  peripheral  devices. 
The  9Mbps  connections  are  point  to  point 
within  a  30-foot  range,  and  can  use  both  the 
2.4GHz  and  5GHz  bands. 

Why  is  it  worth  watching?  If  peripheral 
vendors  buy  into  this  scheme  and  install 
the  Ozmo  silicon, you’ll  be  able  to  dispense 
with  Bluetooth  and  create  an  extensive 
wireless  personal  area  network  based  on 
your  PC’s  Wi-Fi  adapter,  as  easily  as  plugging 
USB  devices  into  a  USB  host  controller. 

How  did  the  company  get  its  start?  Co¬ 
founder  Katelijn  Vleugels  had  been  design¬ 
ing  analog  and  radio-frequency  circuits  for 
wireless  LAN  chipsets  at  Atheros.  According 
to  Roel  Peeters,  her  husband  and  co¬ 
founder,  (currently  Ozmo’s  vice  president 
of  marketing),  by  2004,  she  was  convinced 
that  Wi-Fi  could  network  all  kinds  of 
devices,  not  just  PCs,  and  was  frustrated 
with  the  limitations  of  Bluetooth.  She  start¬ 
ed  puzzling  over  how  to  connect  peripher¬ 
als  via  Wi-Fi  signals. 

CEO  and  background:  Dave  Timm,  former¬ 
ly  managing  director  and  founder  of  the 
notebook  power  business  unit  for  Maxim 
Integrated  Products,  where  he  spent  15 
years.  It  grew  to  a  $250-million-a-year  busi¬ 
ness. 

Strata8 

Founded:  Incorporated  December  2006 

Location:  Bellevue, Wash. 

What  does  the  company  offer?  Local  area 
cellular  service  for  the  enterprise,  via  its 
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Visage’s  MobilityCentral  lets  customers  see  business 
information  on  a  virtualized  screen. 


Wireless 

continued  from  page  14 

own  spectrum  in  the  1900MHz  band,  avail¬ 
able  in  16  U.S.  markets.  It  provides  unlimit¬ 
ed  free  calls  to  all  Strata8  cell  phones  in  a 
company,  to  other  Strata8  subscribers  and 
to  desk  phone  extensions  via  integration 
with  the  corporate  PBX.  Outside  the  office, 
cellular  calls  roam  to  Sprint’s  network. 

Why  is  it  worth  watching?  In  effect,  it’s  like 
a  personal  cellular  service  for  the  enter¬ 
prise,  which  means  potentially  big  savings 
on  per-minute  costs.  Strata8  estimates  that 
many  companies  can  cut  their  cellular  bills 
by  half.  The  PBX  integration  links  what  is 
often  two  separate  worlds. 

How  did  the  company  get  its  start?  The 
five  founders,  all  telecom  vets,  saw  enter¬ 
prises  with  out-of-control  wireless  expenses 
that  were  served  by  carriers  that  focused 
on  consumers.  A  local  cell  service  targeted 
at  the  enterprise  offered  potentially  better 
control,  savings  and  service. 

CEO  and  background:  Andrew  Buffmire, 
one  of  the  original  five  founders,  was  previ¬ 
ously  director  of  business  development  and 
strategy  in  Microsoft’s  Unified  Commun¬ 
ications  Group.  Before  that  he  was  CEO  for  a 
hosted  VoIP  carrier  and  an  executive  at 
UbiquiTel.one  of  Sprint’s  biggest  affiliates. 

SynapSense 

Founded:  May  2006 

Location:  Folsom,  Calif. 

What  does  the  company  offer?  SynapSoft 
4.0,  a  wireless  sensor-based  system  to  moni¬ 
tor  and  manage  energy  use  and  cooling  in 
big  data  centers.  The  battery-powered  sen¬ 
sors  are  placed  throughout  the  data  center, 
including  the  subfloor  area,  and  the  read¬ 
ings  are  used  to  create  a  real-time  model  of 
the  center’s  temperature  ranges,  air  pressure 
and  energy  use  over  time.  The  results  can 
be  used  to  change  air-flow  directions,  air 
pressure,  cut  back  on  overcooling  and  make 
energy  use  overall  more  efficient. 

Why  is  it  worth  watching?  To  keep  data 
centers  problem  free,  administrators  typical¬ 
ly  over-cool  them,  an  increasingly  costly 
solution  in  terms  of  total  energy  spending, 
and  losing  electricity  that  could  go  to  pow¬ 
ering  the  center’s  equipment.  Yahoo  re¬ 
ported  in  July  that  in  a  trial  run  using 
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SynapSense  in  one  8,000-square-foot  room 
in  its  massive  data  center,  it  reduced  cool¬ 
ing  energy  use  by  21%  and  projected  yearly 
energy  savings  of  $563,000. 

How  did  the  company  get  its  name? 
“Synapse”  is  a  term  representing  the  synap¬ 
tic  nerve  system,  which  uses  electrical  puls¬ 
es  enabling  communications  through  the 
central  nervous  system;  “sense”  for  sensing. 

CEO  and  background:  Peter  Van  Deventer, 
a  10-year  Intel  veteran  who  worked  in  the 
chip  maker’s  mobile  product  group,  flash 
memories,  and  global  sales  and  marketing. 
In  the  last-named  role,  he  was  involved  in 
the  rollout  of  the  Centrino  mobile  platform. 

Varaha  Systems 

Founded:  April  2003 

Location:  Dallas 

What  does  the  company  offer?  uMobility,  a 
set  of  three  applications  that  together  create 
a  secure,  optimized  connection  for  data  as 
well  as  voice,  and  for  cellular-only  phones 
as  well  as  more  advanced  Wi-Fi/cellular 
phones.  The  software  spans  different  kinds 
of  cellular  and  Wi-Fi  networks,  and  is 
designed  to  extend  desktop  PC  and  phone 
(via  Session  Initiation  Protocol  PBX  sup¬ 
port)  desktop  phone  features  to  mobile 
devices. 

Why  is  it  worth  watching?  Varaha  sees  the 
mobile  phone  as  a  platform  for  data  as  well 
as  voice  applications.  The  goal  is  to  forge  a 
secure,  high-quality,  reliable  link  between 
mobile  phone  users  and  the  enterprise  data 
and  voice  features  they  need  to  do  their 
jobs  effectively. 

How  did  the  company  get  its  start?  The 
founders  saw  the  opportunity  to  create  a 
“mobile  desk”  —  enabling  cell  phones  as 
the  primary  communications  tool,  by 
exploiting  enterprise  data  and  voice  fea¬ 
tures  that  have  only  been  available  to  office 
workers. 

CEO  and  background:  Jogen  Pathak,  co¬ 
founder,  formerly  founder  and  CTO  for 
Cyneta  Networks.  He  holds  several  patents 
in  wireless  and  convergence. 


Visage  Mobile 

Founded:  Originally 

formed  in  October  2001, 
providing  back-office 
subscriber  management 
functions  for  mobile  vir¬ 
tual  network  operators 
(MVNOs)  such  as  Disney 
Mobile;  acquired  Agistics 
in  June  2007,  has  just  sold 
off  its  original  product  to 
reinvent  itself  as  an  enter¬ 
prise  mobility  manage¬ 
ment  company 
Location:  San  Francisco 
What  does  the  company 
offer?  MobilityCentral,  a 
hosted  software  service 
launched  in  April  2008.  It 
pulls  user  information  from  enterprise 
directories,  along  with  data  pulled  from 
deployed  mobile  devices,  and  account  data 
from  cellular  carriers.  It  correlates  all  this  to 
create  up-to-date  Web  dashboard  reports  on 
the  devices,  their  software  loads  and  usage. 
Planned  cellular  minutes  and  spending  can 
be  compared  with  actual  usage  data,  for 
example.  Monthly  fee  is  typically  about  $5 
per  user. 

Why  is  it  worth  watching?  It  means  scrap¬ 
ping  all  those  Microsoft  Excel  spreadsheets 
used  to  keep  track  of  this  stuff,  and  getting  a 
centralized,  accurate,  up-to-date  picture, 
based  on  hard  data,  about  how  a  business  is 
using,  or  misusing,  cellular  resources. 

How  did  the  company  get  its  start?  The  orig¬ 
inal  software  was  developed  by  Agistics, 
under  CEO  Dean  Alms,  who’s  now  general 
manager  for  the  hosted  service  at  Visage 
Mobile. Visage  Mobile  acquired  the  company 
to  exploit  a  growing  need  for  enterprise  con¬ 
trol  over  burgeoning  cellular  costs. 

CEO  and  background:  Executive 
Chairman  Tim  Weingarten  is  the  acting 
CEO,  taking  over  from  Matt  Johnson,  one  of 
Visage’s  co-founders.  Johnson  left  after  the 
recent  sale  of  the  MVNO  business  to 
explore  new  opportunities,  according  to  a 
spokeswoman.  Weingarten  has  been  a  gen¬ 
eral  partner  at  Worldview  Technology 
Partners  for  eight  years.  He’s  been  a  seed 
investor  and  director  of  several  start-ups, 
including  Cogent  Communications  and 
Force  10  Networks. 

Wireless  Grids  Corp. 

Founded: 2004 

Location:  Syracuse,  N.Y. 

See  Wireless,  page  16 


ONLINE:  More  info 

Read  an  expanded  listing  with  more 
details  about  these  wireless  companies. 
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continued  from  page  6 

ization  platforms  and  gives  customers  several 
licensing  options  tailored  both  for  small  busi¬ 
nesses  and  large  enterprises. 

‘Allowing  Standard  Edition  Windows  Server 
OS  licenses  to  be  assigned  directly  to  a  VM  and 
move  with  a  VM  without  restriction  is  all  that  is 
needed  for  Microsoft  to  offer  the  most  nearly 
ideal  licensing  terms, ’’Wolf  wrote. 

Most  vendors  are  making  a  good-faith  effort 
to  offer  fair  licensing  terms,  says  analyst 
Charles  King  of  Pund-IT  Research.“Vendors  are 
working  hard  to  come  up  with  schemas  that 
work  well  and  are  fair  to  them  and  the  end  cus¬ 
tomer”  he  says. 

But  adapting  licensing  to  data  centers  where 
virtual  machines  can  be  created  in  an  instant 
and  moved  just  as  quickly  is  challenging.  Multi¬ 
core  processors  add  to  the  complexityVendors 
are  still  grappling  with  the  question  of  whether 
to  charge  license  fees  for  each  server,  core  or 
socket,  or  use  some  other  calculation  to  deter¬ 
mine  the  value  of  software.  Virtualization, 
meanwhile,  lets  IT  managers  operate  multiple 
virtual  servers  on  a  single  core. 

In  virtualized  data  centers  designed  for  high 
availability,  “you’ve  got  the  ability  to  spin  up 
additional  virtual  machines  as  your  processing 
demands  increase,”  King  says.  “The  difficulty 
with  software  licensing  is  how  you  keep  track 
of  how  many  virtual  machines,  how  many 
applications,  or  how  many  iterations  of  the 
operating  system  you’re  running  at  any  time. . . . 
It’s  an  interesting  can  of  worms.” 

Customers  often  devise  workarounds  to 
avoid  punitive  licensing  terms.  Robert  Wicks, 
senior  AIX/Linux  systems  administrator  at 
Rollins,  an  Atlanta  pest-control  company  says  a 
couple  of  small  software  vendors  charge 
Rollins  for  all  the  cores  in  a  server  even  if  the 
application  is  only  using  some  of  them.  The 
solution:  Run  the  software  on  older  hardware 
with  fewer  processors. 

“It’s  very  inconvenient.  We’ll  probably  have  to 


Wireless 

continued  from  page  15 

What  does  the  company  offer?  Inno- 
vaticus,  in  beta  test  with  students  at 
Syracuse  University:  software  that  lets  wire¬ 
less  (and  wired)  devices  negotiate  auto¬ 
matically  with  each  other  to  share  any  kind 
of  digital  content.  Innovaticus  users  create 
and  manage  their  personal  network  of 
devices,  and  designate  files  (and  soon 
devices  such  as  screens,  disk  drives,  speak¬ 
ers,  keyboards,  printers  and  digicams)  for 
access  and  use  from  anywhere  by  other 
Innovaticus  users. 

Why  is  it  worth  watching?  Think  of  it  as  a 
structure  for  mobile  spontaneity:  Personal 
or  business  devices  become  part  of  an 
interoperable  grid  that  amplifies  what  can 

be  done. 


Companies  stymied  by  virtualization  licensing 


Why  it’s  a  problem:  Virtualization  lets  customers  run  many  pieces  of  soft¬ 
ware  on  a  single  physical  server,  upsetting  traditional  per-server  licensing 
schemes  preferred  by  vendors. 

Specific  challenges: 

•  Licensing  policies  vary  widely  from  vendor  to  vendor. 

•  Licenses  that  bind  software  to  physical  hardware  prevent  movement  of  virtual 
machines. 

•  Tracking  and  managing  licenses  is  more  complicated,  causing  customers  to  fall  out  of 
compliance. 

Recommendations: 

•  Demand  virtualization-friendly  licenses  from  vendors. 

•  Consider  license  complexity  in  all  purchasing  decisions. 

•  Favor  vendors  that  offer  a  choice  of  licensing  terms  and  have  removed  restrictions  on 
virtual  machine  mobility. 


address  the  issue  at  some  point,”  Wicks  says. 

Such  problems  occur  when  vendors  don’t 
update  their  policies  to  reflect  the  realities  of 
server  virtualization,  Wolf  says.  “There  are  still 
vendors  who  have  no  clearly  defined  licensing 
policy  for  virtual  environments.  The  biggest 
offender  is  Oracle.” 

Say  you’re  running  Oracle’s  database  on  a 
four-socket  server  with  four  cores  each,  16 
cores  in  all.  Even  if  you’re  only  running  the 
database  on  a  few  cores,  Oracle  will  charge 
you  for  all  16. 

“You  have  to  pay  for  all  available  CPUs  on  a 
physical  server^’  Wolf  says.  “That  discourages 
organizations  from  virtualizing  Oracle  applica¬ 
tions.” 

Oracle  declined  requests  for  comment. 

Ari  Kaplan,  president  of  the  Independent 
Oracle  Users  Group,  doubts  this  licensing  issue 
would  harm  customers.  Most  people  virtualiz¬ 
ing  an  Oracle  database  will  use  all  the  CPUs 


How  did  the  company  get  its  start?  The 

intellectual  property  grew  out  of  a  National 
Science  Foundation  grant  to  Lee  McKnight, 
an  associate  professor  at  Syracuse’s  School 
of  Information  Studies,  for  research  on 
“Virtual  Markets  in  Wireless  Commun¬ 
ication  and  Computational  Grids.”The  com¬ 
pany  was  formed  to  obtain  exclusive 
license  to  the  intellectual  property,  then 
commercialize  it. 

CEO  and  background:  Lee  McKnight,  also 
chairman  and  founder.  He  was  a  co¬ 
founder  of  the  Internet  Governance  Project 
and  co-director  of  the  Wireless  Grids  Lab, 
both  at  the  University  of  Syracuse.  He’s 
president  of  Marengo  Research,  a  consult¬ 
ing  and  investment  management  firm.  He  is 
co-author  or  co-editor  of  four  MIT  Press 
books  and  more  than  50  peer-reviewed 
academic  publications.® 


available,  anyway  he  says. 

“It  seems  more  like  a  theoretical  case,” 
Kaplan  says. 

Oracle  user  Mitch  Dysart,  the  IT  director  of 
operations  and  chief  technology  architect  at 
Ohio  State  University  in  Columbus,  says  he’s 
avoided  any  pricing  penalties  with  a  single 
license  covering  his  whole  deployment. 

“We  have  an  enterprise  site  license  for 
Oracle,  so  it’s  not  really  an  issue,”  says  Dysart, 
who  makes  extensive  use  of  VMware’s  hyper¬ 
visor. 

Things  can  quickly  get  confusing  if  your  ven¬ 
dor  charges  for  each  instance  of  an  applica¬ 
tion,  says  Marty  Kacin.CTO  and  co-founder  of 
Kace  Networks,  which  offers  management 
tools  that  keep  track  of  software  running  on 
physical  and  virtual  machines. 

“As  you  start  to  deploy  virtual  machines  ... 
you  are  deploying  more  operating  systems  that 
need  to  be  licensed  and  metered,”  Kacin  says. 
“Every  time  you  tell  your  systems  management 
tool  that  you  want  to  spin  up  a  new  virtual 
machine,  all  of  a  sudden  you’re  deploying 
operating  system  and  application  licenses  to 
people  whether  you  like  it  or  not.” 

VMware  user  Jack  Story,  the  CTO  of  Info¬ 
crossing,  hopes  application  vendors  come  up 
with  simpler  licensing  models.  “It  would  be 
really  nice  if  we  could  just  have  a  very  simple 
licensing  model.  That’s  not  the  case  toda>(  he 
says. 

Microsoft’s  announcement  this  week  could 
help  in  this  regard.  Wolf,  for  one,  is  optimistic 
that  licensing  problems  will  all  be  sorted  out, 
though  it  may  take  a  while. 

“Vendors  are  honestly  trying  to  do  the  right 
thing  here,”  Wolf  says.  “The  trick  for  them  is  to 
develop  a  model  that  is  fair  to  them  and  pro¬ 
tects  their  revenues,  is  fair  to  their  clients  and  is 
something  that’s  going  to  be  able  to  last  for  a 
few  years.  They  don’t  like  to  have  to  change 
licensing  models  on  a  whim.”® 
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Your  business  may  be  small,  but  isn’t  it 
essential  to  you  and  your  customers? 
Now  there  is  no  reason  to  go  without 
a  disaster  recovery  strategy  to  protect 
your  IT  assets  and  data. 


With  virtualization  and  Vizioncore,  you 
can  have  everything  you  need  to  put  a 
SIMPLE,  RELIABLE  and 
AFFORDABLE  disaster  recovery 
plan  in  place.  Let  the  experts  from 
Vizioncore  explain  how  any  size 
business  can  leverage  this 
exciting  new  technology  to 
implement  a  solution 
that  is  right  for  you. 


ifr 


las  Vegas! 

sepi.  2008 

Booth  52^^# 


as 


si 


YOUR  TICKET 
TO  THE  EXPERTS 


Vizioncore  presents  an  extensive  offering  of  webinars  on 
various  topics  to  help  users  of  all  levels  of  expertise  get  the 
knowledge  they  need  from  industry  professionals  who  can 
put  all  of  your  questions  to  rest. 


The  Benefits  of  ‘Green  IT’  &  Virtualization 

Tues.,  Aug.  26,  2008,  at  3:00  p.m.  CDT 


Top  10  Tips  for  Successful  Conversions 

Thurs.,  Aug.  28,  2008,  at  10:00  a.m.  CDT 


Register  for  any  of  these  webinars  at:  www.vizioncore.com/webinar 
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LESSONS  FROM  LEADING  USERS 


Fidelity  embraces  massive  virtualization  project 

Mutual  fund  company’s  virtualization  plans  include  x86,  high-end  RISC  servers 


**By  applying  a  hypervisor,  even  if  we  have 
one  application  on  one  box,  we  completely 
change  our  service  models,  we  change  our 
provisioning  models,  and  we  provide  opti¬ 
mized  service  management.  55 

Michael  Brady 

Senior  vice  president,  Fidelity  Investments 


BY  JON  BRODKIN 

A  huge  server  virtualization  project  is 
under  way  at  Fidelity  Investments,  as  the 
nation's  largest  mutual  fund  company 
focuses  on  creating  a  more  streamlined 
and  adaptive  IT  infrastructure  better  able 
to  serve  the  needs  of  more  than  40,000 
employees  and  24  million  individual  and 
corporate  customers. 

Targeting  x86  and  high-end  RISC 
servers,  Fidelity  is  planning  to  virtualize 
the  "vast  majority”  of  its  servers  within 
the  next  several  years,  says  Michael 
Brady,  a  senior  vice  president  in  Fidel¬ 
ity’s  technology  group  in  Boston.  Fidelity 
also  is  consolidating  its  U.S.  data  cen¬ 
ters,  concentrating  server  power  more 
densely  into  a  smaller,  more  manage¬ 
able  number  of  facilities. 

Fidelity’s  major  technology  goals,  which 
also  include  standardizing  systems  rather 
than  taking  a  best-of-breed  approach,  are 
geared  toward  building  tiered  offerings 
that  give  each  application  the  resources  it 
needs  without  wasting  server  power  on 
those  that  don’t  require  the  highest  levels 
of  performance. 

"When  you  scale  infrastructure,  histori¬ 
cally  it  was  built  to  be  as  [powerful]  as  the 
highest-performing  application  needed, 
and  everything  else  would  benefit  from 
that,”  Brady  says.  “Now  we’re  looking  at 
providing  several  different  options  of  per¬ 
formance.  We  don’t  have  a  one-size-fits- 
all  approach." 

Brady  is  responsible  for  Fidelity’s  infra¬ 
structure  and  engineering,  overseeing 
mainframes,  x86  and  RISC  servers,  net¬ 
work  and  phone  systems,  databases,  mid¬ 
dleware  and  operating  systems. 

Brady  wouldn’t  reveal  specifics  about 
Fidelity's  technology,  such  as  the  num¬ 
ber  of  data  centers  the  company  oper¬ 
ates  or  which  hardware  or  virtualization 
vendors  the  company  buys  from.  In  an 
interview  with  Network  World,  he 
spoke  generally  about  the  major  themes 
that  Fidelity’s  IT  department  finds  im¬ 
portant:  virtualization,  consolidation 
and  standardization. 

The  advantages  of  server  virtualization 
are  numerous,  Brady  notes.  “Box  consoli¬ 
dation”  is  just  a  "fringe  benefit,”  he  says. 
Simplifying  and  automating  maintenance 
by  treating  everything  as  a  virtual  applica¬ 
tion  is  a  big  time-saver. 

“Today  an  application  has  so  many 


hooks  into  an  operating  system  and  a 
platform,  that  maintenance  has  to  be 
done  concurrently,  and  it’s  a  very  complex, 
time-consuming  process,”  Brady  says. 

“By  applying  a  hypervisor,  even  if  we  have 
one  application  on  one  box,  we  com¬ 
pletely  change  our  service  models,  we 
change  our  provisioning  models,  and  we 
provide  optimized  service  management.” 

Fidelity  began  virtualizing  servers 
almost  three  years  ago,  and  is  broadening 
that  effort.The  key  isn’t  really  choosing 
the  right  vendor,  whether  it  beVMware  or 
Microsoft,  Brady  says.The  important 
thing  is  breaking  the  bond  between  hard¬ 
ware  and  application  across  nearly  all 
Fidelity’s  infrastructure. 

Just  about  any  application  is  a  candi¬ 
date  for  virtualization,  but  some  will  be 
pushed  off  until  near  the  end  of  the  pro¬ 
ject  due  to  complexity.The  virtualization 
of  high-end  RISC  systems  with  signifi¬ 
cant  scaling  needs  will  have  to  wait, 
partly  because  RISC  virtualization  soft¬ 
ware  is  less  mature  than  x86  hypervi¬ 
sors,  Brady  says. 

Virtualization  isn't  limited  to  servers 
at  Fidelity.  Storage  and  desktop  virtual¬ 
ization  are  also  improving  flexibility. 
Ongoing  projects  involving  storage  vir¬ 
tualization  and  thin  provisioning  — 
which  lets  you  present  an  application 
with  more  storage  capacity  than  is  phys¬ 
ically  allocated  to  it  —  will  make  it  eas¬ 
ier  for  Fidelity  to  have  tiers  of  storage  in 
which  data  can  easily  be  moved  from 
high-performing  to  lower- performing 
storage  tiers  as  needs  change. 

When  you  dedicate  storage-area  net¬ 
works  to  individual  servers,  “you  are  not 
being  nearly  as  efficient  as  when  you  allo¬ 
cate  and  dynamically  change  storage 
pools  server  by  server,"  Brady  says. 

With  desktop  virtualization,  the  goal 
once  again  is  breaking  the  bonds  that  tie 


together  applications,  data  and  hardware. 
Fidelity  is  piloting  a  few  different  technolo¬ 
gies  on  this  front. 

“We  have  an  opportunity  to  consolidate 
the  raw  number  of  devices.  We  have 
more  desktop  computers  than  employees 
by  a  fair  amount,”  Brady  says.  "At  the 
end  of  the  day,  it’s  about  centralizing  our 
users’  data.” 

A  related  initiative  will  lower  Fidelity’s 
PC  energy  needs.This  ongoing  project 
involves  a  centralized  management  system 
that  can  put  desktops  to  sleep  and  wake 
them  up  automatically  for  patching  and 
other  management  purposes. 

"If  you  look  at  the  standard  desktop 
using  as  much  energy  as  a  110-watt  light 
bulb,  it’s  like  leaving  every  light  bulb  in 
your  house  burning  seven  days  a  week,” 
Brady  says. 

Fidelity,  which  manages  $3.2  trillion  in 
customer  assets,  operates  data  centers 
throughout  the  country,  and  has  “a  few 
more  than  we  need,"  Brady  says.  It’s 
important  for  Fidelity  to  have  geographi¬ 
cally  distributed  data  centers,  but  the 
company’s  technology  group  is  in  the 
process  of  collapsing  its  server  rooms  into 
fewer,  higher-density  facilities.  ■ 


Data  center  event 

If  your  data  center  was  designed 
pre-Internet,  you  are  at  a  competi¬ 
tive  disadvantage.Technologies  such 
as  virtualization,  blade  computing 
and  next-generation  switching  and 
routing  compel  a  total  rethink  across 
the  enterprise.  Share  in  the  rethink¬ 
ing  by  attending  IT  Roadmap:  Dallas 
on  Sept.  23  for  free.  Qualify  at 

www.nwdocfinder.com/5732 
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Transit  officials  don’t  understand  publicity 


Imagine  you  work  for  the  transportation 
authority  in  a  major  U.S.  city  Your  organiza¬ 
tion  deployed  a  fare  collection  system  over 
the  last  few  years  that  uses  both  prepaid  mag 
stripe  and  prepaid  RFID-based  fare  cards.  Now 
imagine  that  one  of  your  suppliers  points  out 
the  agenda  of  a  security  conference  where 
someone  is  going  to  give  a  talk  whose  descrip¬ 
tion  starts  out  with:“Want  free  subway  rides  for 
life?”The  description  goes  on  to  say  that  the 
talk  will  show  how  to  break  your  new  fare 
cards.  What  would  you  do? 

If  you  worked  for  the  Massachusetts  Bay  Transportation  Authority 
(MBTA)  you  might  freak  out  and  start  throwing  lawyers.  In  fact,  that  is 
what  just  happened.  (See  “Massachusetts  transit  agency  sues  to  stop 
hacker  talk”,  www.nwdocfinder.com/6237.) 

I  suppose  there  could  be  dumber  things  to  do  in  this  circumstance, 
but  it  might  take  a  while  to  think  of  one.  Actually  you  could  sue  after 
the  slides  for  the  presentation  had  already  been  distributed  to  the 
7,000  or  more  conference  attendees  and  you  could  append  a  copy  of 
a  white  paper  covering  the  talk,  thus  making  it  a  public  document. 

It  would  help  if  you  were  somewhat  clueless  about  security  and  did 
not  know  that  the  underlying  RFID  technology  your  fare  card  uses 
had  been  broken  earlier  this  year  and  the  cat  was  well  out  of  the  bag. 
(see  www.nwdocfinder.com/6238). 

By  suing,  the  MBTA  has  ensured  maximum  attention  to  the  fact  that 
its  fare  cards  are  breakable  and  cloneable.  If  they  had  ignored  the  situ¬ 
ation  the  story  would  have  likely  received  almost  no  coverage 
because  there  was  little  new  in  it.The  security  community  already 
knew  that  the  MBTA  RFID  cards  used  the  discredited  Mifare  Classic 


RFID  and  there  would  have  been  little  interest  in  yet  another  example 
of  breaking  a  technology  that  had  already  been  broken.  One  thing 
that  was  not  well  known  was  that  the  mag  stripe  card  was  poorly 
designed  from  a  security  perspective. The  MBTAs  lawsuit  has  ensured 
that  the  poor  design  will  now  be  known  by  tens  of  thousands,  if  not 
hundreds  of  thousands  more  people  than  would  have  found  out  if  the 
talk  had  gone  ahead. 

The  MBTA  defaulted  to  the  common  but  dumb  idea  that  if  security 
flaws  are  hidden  they  will  not  be  exploited. This  never  works  in  the 
long  run  and  is  counter  to  more  than  100  years  of  the  understanding 
of  security. 

One  can  excuse  the  MBTA  for  doing  what  it  did  —  the  people 
involved  were  unlikely  to  have  the  faintest  idea  about  either  the  effect 
of  calling  attention  to  the  talk  by  suing  or  the  futility  of  trying  to  hide 
security  flaws.  It’s  harder  to  excuse  the  judge  granting  the  MBTAs 
request  for  an  injunction  (something  that  did  not  happen  when  the 
makers  of  the  Mifare  Classic  chips  tried  to  block  Dutch  researchers 
disclosing  their  research  into  vulnerabilities  in  the  technology). 

It’s  also  hard  to  excuse  the  makers  of  these  cards  not  understanding 
that  they  would  get  far  better  security  if  they  asked  for  public  review 
of  their  technology  —  the  6-bit  checksum  on  the  mag  stripe  fare  card 
would  not  have  survived  five  minutes  of  such  review.  Sadly  there  is  no 
empirical  evidence  that  such  companies  learn  anything  from  experi¬ 
ence. 

Disclaimer:  Places  such  as  Harvard  University  endeavor  to  get  stu¬ 
dents  to  learn  without  having  to  experience  absolutely  everything  but 
the  above  discussion  represents  my  opinion,  not  the  university’s. 

Bradner  is  Harvard  University's  technology  security  officer.  He  can  be 
reached  at  sob@sobco.com. 
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Buying  bandwidth  for  fun  and  profit 


EYE  ON  THE 

CARRIERS 

Johna  Till  Johnson 


You’ve  got  to  hand  it  to  the  Canadians.  Not 
only  do  they  come  up  with  great  hockey 
outstanding  comedians  and  my  friend 
Dave  Keck  (an  up-and-coming  science  fiction 
writer)  they’ve  also  generated  one  of  the  most 
innovative  ideas  ever  for  last-mile  connectivity 
In  an  experiment  led  by  Bill  St.Arnaud, 
researcher  at  Canarie,  a  Canadian  government- 
funded  institution,  400  houses  are  being  wired 
with  optical  fiber  —  for  which  the  homeown¬ 
ers  will  pay  an  estimated  $2,700.The  fiber  con¬ 
nects  up  to  the  nearest  network  access  point, 

- and  homeowners  own  it  outright  —  meaning 

they  can  resell  it  with  their  homes,  or  lease  out 
capacity  to  their  neighbors. 

Here’s  why  this  is  a  great  idea.  First,  as  I’ve  mentioned  more  than 
once  —  carriers  don’t  actually  make  a  profit  on  the  last  mile,  which  is 
why  investment  in  last-mile  infrastructure  lags  behind  demand.  (Why 
would  carriers  rush  to  invest  in  technology  they  can’t  make  a  profit 
on?)  That  leaves  precious  few  choices  for  building  out  the  last  mile. 

Asking  homeowners  to  foot  the  bill  directly  ensures  that  bandwidth 
is  paid  for  by  the  folks  who  truly  value  it  —  the  ones  who  plan  on 
using  it.  In  fact,  in  many  respects  homeowners  are  already  voting  with 
their  dollars:  Many  (including  me)  will  only 
consider  moving  to  locations  served  by  top-tier 
connectivity  Both  my  parents  and  I  used 
“broadband  connectivity”  as  a  major  selection 
for  houses  we  purchased  within  the  past  few 
years. 

But  that’s  not  the  only  reason  this  is  a  great 
idea.  Positioning  last-mile  connectivity  as  mere¬ 


ly  another  housing  amenity  opens  up  all  sorts  of  interesting  scenarios. 
For  example,  homeowners  could  bundle  the  fiber  infrastructure  into 
their  mortgages  —  thus  making  that  $2,700  as  affordable  as  possible. 
And  it  solves  the  problem  of  universal  broadband  services  —  because 
if  last-mile  connectivity  is  considered  as  essential  as,  say  electricity 
then  existing  housing  subsidies  can  ensure  that  even  folks  with  limit¬ 
ed  resources  will  have  access.  Whatever  mechanisms  provide  these 
people  with  housing  and  utility  services  today  can  simply  be  extend¬ 
ed  to  help  them  purchase  (or  lease)  broadband  access. 

Yet  another  advantage:  It  makes  the  “net  neutrality”  issue  moot. 
Because  the  fiber  is  owned  by  the  homeowner,  there’s  no  risk  of  cen¬ 
sorship  at  the  last  mile.  And  because  the  connection  is  broadband, 
QoS  becomes  less  of  an  issue. 

Finally,  this  approach  neatly  segments  Internet  infrastructure  and  ser¬ 
vices.  Users  purchase  a  pipe  into  the  cloud  —  not  a  connection  into 
any  particular  backbone  network  or  set  of  services. Therefore,  content 
providers  can  continue  to  innovate  without  fear  that  users  and  cus¬ 
tomers  will  be  unable  to  access  their  content.  Carriers  can,  if  they 
wish,  focus  on  building  out  last-mile  infrastructure,  confident  their 
investments  will  be  paid  for.  Or  they  can  focus  on  backbone  services, 
and  let  local  municipalities  handle  the  actual  fiber  installation.  Either 
way,  they  can  charge  for  connectivity  to  their  routers  at  the  network 
access  points  —  thus  ensuring  a  continued  revenue  stream  to  support 

upgrades. 

The  bottom  line:  Buying  your  own  fiber  may 
be  the  best  bargain  yet. 


ISP  NEWS  REPORT 


Subscribe  to  our  free  newsletter: 

www.nwdocflnder.com/1007 


Johnson  is  president  and  senior  founding 
partner  at  Nemertes  Research ,  an  independent 
technology  research  firm.  She  can  be  reached  at 
johna@nemertes.  com. 
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Unifying  unified  communications 


BY  FRANCOIS  DEPAYRAS 

Integrating  enterprise  communication  tools  —  from  telephony  to  e-mail, 
conferencing  and  instant  messaging  —  is  the  key  to  delivering  a  richer 
collaboration  environment  that  increases  productivity  But  deployment 
and  management  of  UC  systems  can  be  daunting. 


Research  shows  the  average  organization 
today  supports  more  than  six  types  of  com¬ 
munications  devices  and  more  than  four  com¬ 
munications  applications.  It  takes  IT  an  aver¬ 
age  of  three  days  to  complete  the  provisioning 
and  configuration  of  devices  and  applications 
for  each  new  employee. 

And  the  pain  doesn’t  end  with  deployment. 
The  ongoing  management  of  the  complex 
ecosystem  of  directory,  e-mail,  mobility,  1M, 
VoIP  and  other  UC  applications  is  time-con¬ 
suming  and  expensive,  often  managed  in  silos 
rather  than  as  a  centralized  solution. 

As  adoption  of  UC  grows,  so  does  complex¬ 
ity  making  it  essential  to  find  a  way  to  stream¬ 
line  the  management  of  these  applications. 

Centralizing  administration  is  key  giving  the 
enterprise  the  ability  to  provision  and  manage 
collaboration  and  communications  applica¬ 
tions  through  a  single  platform.  By  using  the 
same  tool  to  manage  multiple  environments, 
IT  can  improve  productivity  and  attain  the 
fastest  ROI  when  deploying  applications. 

Automation  also  is  crucial.  As  noted,  get¬ 
ting  a  new  employee  online  takes  an  average 
of  72  hours  and  often  requires  multiple 
touch  points  to  configure  smartphone  appli¬ 
cations  such  as  Microsoft  Outlook  and  by 
automating  the  process,  organizations  can 
reduce  the  provisioning  time  to  seconds. 

Automating  the  provisioning,  deprovisioning 
and  management  of  users,  applications  and 
devices  enables  organizations  to  significantly 
reduce  errors,  downtime  and  cost  of  adminis¬ 
tration,  while  greatly  increasing  productivity, 
security  and  control  enforcement. 

As  each  application  is  tied  to  a  directory 
many  administrators  have  access  to  servers  to 
make  changes  to  user  creation,  deletion  or  any 
other  IT  task.The  proliferation  of  unauthorized 
changes  is  the  No.  1  reason  for  downtime,  pri¬ 
marily  due  to  misconfiguration  of  servers  by 
inexperienced  IT  employees.  Providing  a 
“proxy”  solution  that  ensures  the  correct 
procedure  for  each  action  will  dramatically 
reduce  ongoing  costs  and  human  errors. 

There  are  an  increasing  number  of  products 
on  the  market  that  promise  to  help  enterprises 
reduce  the  costs  of  delivering  and  maintaining 
UC  applications.  However,  not  all  of  them  pro¬ 
vide  the  range  of  capabilities  required  to  effec¬ 
tively  unify  UC.  Here  are  the  key  features  to 
consider. 


Provisioning  automation:  By  using  software 
that  automates  the  deployment  of  applica¬ 
tions,  organizations  can  save  time  and  cut 
down  on  errors.  Look  for  a  solution  that  offers 
the  following  automation  capabilities: 

•  Identity  (user)  management  across  multi¬ 
ple  applications. 

•  Predefined  templates  for  quick  provisioning. 

•  Deployment  and  import  tools  for  bulk 
provisioning. 


•  Application  health  monitoring. 

•  Efficient  capacity  allocation  and  tracking. 

•  Analytics  and  business  intelligence. 
Delegated  administration:  The  best  commu- 

nications-management  solutions  enable  ad¬ 
ministrators  to  delegate  administration  and 
control  to  other  administrators  based  on  their 
location  or  function.  A  system  that  can  offer 
automated  self-management  options  via  Web 


portals  allows  for  the  creation  of  multiple 
types  of  administrators  based  on  role,  location 
and  user  access  rights. 

Self-service:  Self-service  Web  portals  auto¬ 
mate  and  simplify  common  operations,  giv¬ 
ing  users  a  convenient  and  cost-effective 
means  of  troubleshooting  and  managing 
their  own  services. 

Device  management:  Some  solutions 
allow  device  updates  to  be  done  “over  the 
air,”  without  requiring  time  or  effort  on  the 
user’s  side.  They  also  allow  the  contents  on 
a  lost  or  stolen  device  to  be  “wiped”  so  that 
sensitive  documents  do  not  fall  into  the 
wrong  hands. 

Security:  The  best  solutions  sit  on  top  of 
existing  infrastructure,  leaving  it  unchanged, 
and  provide  a  user-friendly  management  inter¬ 


face  that  automates  tasks  and  ensures  proper 
policies  are  followed. 

By  deploying  a  single  solution  that  unifies 
UC  applications,  enterprises  can  improve  pro¬ 
ductivity,  lower  cost  of  ownership  and  reduce 
strain  on  the  IT  department. 

Depayras  is  vice  president  of  marketing  and 
alliances  at  Ensirn  in  Santa  Clara,  Calif. 
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The  diagram  displays  the  possible  components  of  a  unifying  framework,  offering 
a  new  approach  to  unified  communications  management.  Industry-standard  APIs 
allow  for  the  integration  of  the  provisioning  software  into  existing  ERP  or  other 
legacy  applications.  Such  tools  allow  enterprises  to  shift  development  efforts  to 
integration  of  third-party  applications  while  ensuring  core  infrastructure  is  managed 
via  a  single,  secure  solution. 
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Diagnostics,  monitoring  and  Flash 

F 


Mark  Gibbs 


*  irst  up  this  week  is  a  question  from  me: 
i  How  can  you  find  and  monitor  devices  that 
only  have  media  access  control  addresses? 
I  have  asked  many  companies  for  a  tool  to  do 
this  because  there  are  all  sorts  of  network 
GEARHEAD  devices  —  such  as  power  line  network  systems 
—  that  don’t  have  IP  addresses  and  it  appears 
there’s  nothing  available. 

I  have  yet  to  find  a  tool  that  can  find  and  “see” 
MAC-only  devices  other  than  the  utilities  provided  by  power-line  product 
vendors,  and  those  don’t  provide  any  kind  of  alerting  or  integration  with 
real  network  management  systems.  All  suggestions  gratefully  received. 

Speaking  of  tools,  there  are  a  few  I  use  all  the  time  that  I  would  like  to 
replace  with  something  better.  I’m  sure  I’m  not  alone  in  this.  For  us  die¬ 
hard  optimists  it  is  hard  not  to  hope  that  the  next  vendor’s  take  on  a 
word  processor, e-mail  client, calendar, synchronization  tool  orwhatever 
is  going  to  be  the  best  you’ve  ever  found.  This  software  Holy  Grail  is 
what  will  transform  your  computer  use  into  a  transcendental  experi¬ 
ence  and  propel  you  into  superhuman  productivity  You  hope. 

I  have  nothing  that  dramatic  for  you  this  week,  but  I  do  have  a  couple 
of  pretty  good  network  utilities  for  Windows:  a  suite  of  diagnostic  tools 
called  Netlnfo  and  a  monitoring  tool  called  NetGong. 

Both  of  these  titles  are  published  by  Tsarfin  and  have  been  evolving 
for  some  years  (I  last  mentioned  Netlnfo  in  2002). The  chaps  at  Tsarfin 
recently  invited  me  to  check  out  the  latest  versions,  Netlnfo  Version  6.5 
and  NetGong  6.5. 

Netlnfo  is  a  cleanly  designed  suite  providing  Local  Info  (Winsock,  net¬ 
work  adapter, and  IP  configuration  data), Connections  (local  socket  use 
data),  Ping, Trace  (traceroute),  Lookup  (DNS  resolution),  Finger  (does 
anyone  use  this  anymore?),  Whois,  Daytime  (another  antiquated  proto¬ 


col), Time  (Network  Time  Protocol),  Quote  (yet  another  service  with  a 
beard),  HTML  (a  Web  page  retrieval  and  raw  content  display), Scanner 
(an  IP  address  range  scanner), Services  (a  port  scanner)  and  E-mail  (an 
e-mail  address  validator). The  final  feature  is  Web  Center,  which  links  to 
Tsarfin’s  Web  site  and  provides  access  to  various  remote  online  diag¬ 
nostics,  such  as  ping  tools  in  different  cities. 

Netlnfo  provides  most  of  its  results  as  hierarchical  lists, and  right  click¬ 
ing  on  a  list  item  lets  you  jump  to  another  feature  (for  example,  from 
Ping  to  Trace)  or  alternatively  to  jump  and  use  the  currently  selected 
data.  Exceptions  to  this  exist  in,  for  example,  the  Connections  list  where 
connection-specific  functions  such  as  “terminate  the  selected  connec¬ 
tion”  are  available. 

For  $40  Netlnfo  is  a  good  deal,  but  featuring  facilities  that  are  more  or 
less  archaic  lets  the  suite  down.  I’d  rate  Tsarfin’s  Netlnfo  at  3  out  of  5. 

On  the  other  hand,  I’m  going  to  give  Tsarfin’s  NetGong  4.5  out  of  5. 
NetGong,  also  $40,  does  one  thing  well:  It  is  a  simple,  robust  ping-based 
server  monitoring  tool  that  can  produce  pop-up,  audible  and  e-mail 
alerts  as  well  as  log  events  to  a  file  and  optionally  run  any  application 
when  a  server  is  detected  as  down.  For  simple  monitoring,  NetGong 
does  its  job  very  well  and  inexpensively 

My  final  topic  for  today,  a  new,  slimmed  down  version  of  Swish  Max2, 
published  by  Swishzone.com,  called  Swish  minimMax2. 

If  you  are  putting  together  a  presentation  explaining  what  you  do  to 
the  bigwigs  and  want  to  author  simple  Flash  content  that  uses  text 
effects  or  simple  animations,  this  product  looks  to  be  a  terrific  tool  for 
$100.  I’ve  only  just  got  my  hands  on  it  so  I’ll  reserve  giving  it  a  score  until 
I’ve  had  a  chance  to  break  it. 

Gibbs  breaks  stuff  professionally  in  Ventura ,  Calif.  Send  your  damage 
assessment  to  gearhead@gibbs.com. 


Gadgets  get  Wi-Fi  right  (Part  1) 
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COOLTOOLS 


am  often  cautious  of  devices  that  claim  to 
have  Wi-Fi  functionality  and  support,  mainly 
because  connecting  to  Wi-Fi  (especially 
secure  Wi-Fi)  can  be  tricky  for  devices  that 
don’t  utilize  a  browser  or  some  other  good 
input  method.  In  the  past,  several  devices  I’ve 
tried  (digital  photo  frames,  cameras,  printers) 
have  failed  to  connect  to  my  network  because 
the  configuration  issues  weren’t  completely  ham¬ 
mered  out  by  the  vendor. 

Fortunately  things  have  gotten  better  —  over  the  next  two  weeks  I’m 
highlighting  two  new  devices  that  get  the  Wi-Fi  connection  right,  and 
use  Wi-Fi  to  enhance  their  product  offerings. 

The  scoop:  Eye-Fi  Explore,  by  Eye-Fi,  about  $130. 

What  it  is:  The  latest  version  of  the  Wi-Fi-enabled  SD  card,  the  Eye-Fi 
Explore  gives  wireless  access  to  older  SD-supported  dig¬ 
ital  cameras.The  new  version  also  utilizes  Wi-Fi  signal  tri¬ 
angulation  to  provide  unlimited  geo-tagging,  which 
attaches  a  geographical  location  to  photos.The  card  also 
includes  one  year  of  free  hot-spot  access  at  more  than 
10,000  Wayport  Wi-Fi  locations,  mainly  at  McDonald’s 
restaurants  (after  the  first  year,  access  to  this  feature  costs 
$19  per  year).  Photos  taken  with  the  Eye-Fi  card  are  auto¬ 
matically  uploaded  to  a  user’s  PC  (if  the  card  is  con¬ 
necting  via  the  home  Wi-Fi  network)  as  well  as  more 
than  20  supported  online  photo-sharing  sites. 

Why  it’s  cool:  The  guy  above  me  (Mark  Gibbs)  wrote 
about  his  enjoyment  of  the  Eye-Fi  card  a  few  months  ago 
(www.nwdocfinder.com/6231),  and  1  couldn’t  agree 
more  with  his  assessment.  Having  the  ability  to  automat¬ 
ically  upload  photos  from  a  digital  camera  and  have  the 
photos  go  into  your  PC  (via  your  wireless  LAN)  as  well  as 
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the  online  sharing  service  saves  a  boatload  of  time  that  would  have 
been  spent  loading  your  photo  card  into  a  PC  and  then  copying  images 
over.  Having  the  geo-tagging  ability  on  the  $130  version  is  nice  but  only 
useful  for  those  people  really  into  geo-tagging  (I’m  a  bit  hesitant  to  geo¬ 
tag  photos,  mainly  because  most  of  my  photos  are  of  my  kids).  But  for 
travel  photos,  geo-tagging  is  useful.  The  Wayport  access  is  even  more 
useful  and  worth  the  extra  money  especially  for  mobile  workers  who 
take  photos  on  the  road  and  upload  them  for  free  via  the  Wayport  hot 
spots.  During  my  test,  I  took  a  bunch  of  photos,  ate  lunch  at  a 
McDonald’s  and  had  the  photos  uploaded  to  my  online  account  by  the 
time  I  got  back  to  my  desk. 

Installation  of  the  card  was  easy  —  just  connect  the  provided  USB  SD 
card  adapter  to  your  PC  and  a  Web-based  application  opens  and  lets 
you  configure  your  Wi-Fi  settings  (including  my  WPA2-enabled  net¬ 
work),  enable  or  disable  geo-tagging  and  decide  whether  to  upload 
images  to  a  specific  folder  on  your  PC.  Notification  alerts 
can  also  be  enabled,  which  will  send  an  e-mail  or  SMS 
message  to  your  phone  when  photos  have  been 
uploaded  to  the  Web  service. 

Some  caveats:  The  notifications  are  important,  because 
there’s  no  way  for  the  card  to  tell  the  camera  when  the 
photos  have  uploaded.  In  order  for  the  uploads  to  occur, 
you  have  to  keep  the  digital  camera  powered  on  (and  in 
some  cases,  you  have  to  change  the  power  settings  to  not 
go  into  power  save  mode). On  older  digital  cameras,  leav¬ 
ing  the  power  on  while  you  assume  that  photos  are  being 
uploaded  can  drain  the  battery  a  lot  faster. 

Grade:  ★★★★★  (out  of  five) 


Wireless 

Card 

2GB 


Eye-Fi  Explore  Wi¬ 
Fi-enabled  SD  card 


Shaw  can  be  reached  at  kshaw@nww.com.  New  Cool 
Tools  videos  every  Thursday  and  Twisted  Pair  podcast 
every  Friday  at  www.networkworld.com. 
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No  kidding  around.  Installing  a  KACE  KBOX  gives  you  complete  systems  management  in  days, 
not  months.  We  also  do  it  for  the  lowest  total  cost  of  ownership.  Give  us  a  call,  let  us  prove  it. 

Welcome  to  KACE  Time. 
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Virtualization  is  shifting  from  the  tactical  to  the 
strategic,  opening  a  world  of  possibilities  along  the 
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your  world. 
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hree  years  ago,  Sesame 
Workshop,  the  nonprofit 
organization  behind  the 
l  “Sesame  Street”  televi- 
I  sion  show,  was  looking  at  a 
$3  million  data-center  expan¬ 
sion  to  keep  up  with  its  Web.  multi- 
media  and  data  storage  needs. 
Instead  of  expanding,  however, 
the  organization  shrank  its  data  cen¬ 
ter  by  consolidating  100  physical 
servers  to  45  Novell  SUSE  Linux 
Enterprise  Servers,  then  virtualizing 
25  data-center  servers  into  five  phys¬ 
ical  machines. 

“That  data  center  has  extra  space  now. 
And  we’re  paying  less  for  heating  and  cool¬ 
ing,”  says  Noah  Broadwater,  vice  president 
of  IS  at  Sesame  Workshop,  in  New  York. 

Like  other  forward-thinking  IT  managers. 
Broadwater  espouses  virtualization’s  obvi¬ 
ous  blessings:  A  company  can  spin  up  and 
move  around  virtual-machine  images  to 
meet  load  and  use  requirements  at  the 
speed  of  business  while  drastically  reducing 
hardware,  storage  and  cooling  costs. 

See  VM  life,  page  28 


“Stop  thinking  of  a  virtual  machine 
as  anything  more  than  a  server.'’ 

-  NOAH  BROADWATER, 

vice  president  of  IS,  Sesame  Workshop 
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Hardware  to  meet  your  strong  demands 


AMD 

Opteron 


Athlon 
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World's  #1  Web  Host 
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ijth  a  yvide  variety  of  products  and  hosting  packages,  superior  data  center  technology, 
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ijcellent  reliability,  special  offers,  great  prices  and  a  90-day-money-back  guarantee, 

o  wonder  customers  trust  1&1  as  their  web  host  company! 
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internet! 


website  now  to  received 
ness  Package  for  the  first 
ENDS  08/31/2008. 


Best  Value: 

Compare  for  yourself. 

1&1 

The  Planet 

BUSINESS  1 

Intel  Pentium  4  Series  2.4+ 

CPU 

AMD  Athlon™  64  3500+  Processor 

Intel  Pentium  4  2.4  GHz+ 

RAM 

1  GB 

512  MB  included,  add  $15/month  for  1  GB 

Useable  Disk  Space 

160  GB 

80  GB 

RAID 

RAID  1  Included  (2  X  160  GB  HD) 

Add  $10/month  for  second  80  GB  HD  for  RAID  1 

BackUp 

Full  160  GB  Backup  Included 

Add  $80/month  for  80  GB  Backup 

Monthly  Traffic  (GB/month) 

2000  GB/month 

750  GB  included,  add  $175/month  for  1750  GB 

Total  Monthly  Fee  as  Configured 

$4$so 

*389 

ENTERPRISE  1 

Conroe  3060  Series  -  SATA 

CPU 

Dual-Core  AMD  Opteron™  1218  Processor 

Dual  Core  Intel  Xeon  3060  Conroe  Processor-2.4  GHz 

RAM 

4  GB 

2  GB  included,  add  $50/month  for  4  GB 

Useable  Disk  Space 

400  GB 

250  GB 

RAID 

RAID  1  Included  (2  X  400  GB  HD) 

Add  $40/month  for  RAID  1  +  $20/month  for  2nd  250  GB  HD 

Backup 

Full  400  GB  Backup  Included 

Add  $20Q/month  for  200  GB  Backup 

Monthly  Traffic  (GB/month) 

4000  GB/month 

2500  GB  included,  add  $175/month  for  3500  GB 

Total  Monthly  Fee  as  Configured 

Xs74950 

*694 

(&  2008  1&T  Internet,  Inc.  All  rights  reserved. 

Visit  1ancl1.c0m  for  details.  Prices  based  on  comparable  pad-ages,  effective  5/21/2008.  'Offer  valid  for  dedicated  server  packages  only,  with  a  24  month  minimum  contract  term  required. 

Prices  shown  reflect  Linux  (Root)  and  Managed  server  configurations.  - 

'  'Price  valid  for  first  year  of  .us  domain  registration.  After  the  first  year,  regular  prices  will  apply.  Product  and  program  specifications,  availability,  and  pricing  subject  to  change  without  notice.  Special  offer  expires  8  3 1  2008. 
All  other  trademarks  are  the  property  of  their  respective  owners. 


Domain  only 


For  a  limited  time,  America's  internet  address  is  on  sale. 
Create  your  own  .us  domain  by  visiting  www.1and1.com 


1.877.go1and1 
1and1.com 


Visit  us  now 


VM  life 

continued  from  page  24 

Unfortunately,  this  very  convenience  is  a 
curse  in  terms  of  manageability  something 
Broadwater  and  others  say  can  spiral  out  of 
control  quickly  if  the  rollout  isn’t  planned 
properly  and  the  virtual-machine  life  cycle 
taken  into  account.“I  can’t  see  consolidating 
25  physical  servers  down  to  five  and  then 
needing  three  management  servers  to  run  it 
all.  We’ve  stayed  away  from  all  that,”  he  says. 

Most  IT  organizations  have  a  hard  time 
nailing  down  their  physical  inventory  They 
lose  track  of  things  over  the  years  and 
through  mergers,  agrees  Jim  Houghton,  who 
led  Wachovia’s  Corporate  &  Investment  Bank 
IT  Utility  group  until  a  year  ago  and  now  is 
CTO  of  Adaptivity  an  infrastructure  consult¬ 
ing  firm.  For  example,  when  Wachovia’s  IT 
department  initially  deployed  Tideway 
Systems’  Foundation  application  and  discov¬ 
ery  tool,  “we  found  over  50  servers  that 
should  have  been  retired,”  he  says. 

Managing  dynamic  application-instances 
from  birth  to  grave  takes  more  than  those 
procedures  required  to  manage  physical 
servers  and  desktops,  Houghton  says.  For 
example,  what  of  the  virtual  applications  (or 
the  composite  of  multiple  applications)  run¬ 
ning  on  those  servers? 

IT  executives  who  have  virtualized  their 
infrastructures  say  they’ve  been  compelled 
to  dedicate  one  or  more  staffers  for  manage¬ 
ment  tasks  and  to  cross-train  their  staff  at  the 
systems  and  network  operations  levels.  Plus, 
they  say,  they’ve  felt  pressured  to  choose 
between  best-of-breed  point  solutions  or 
large,  enterprise  management  frameworks. 

Management  style 

Users  are  reacting  to  this  early  and  frag¬ 
mented  tools  market  by  managing  their 
infrastructures  in  layers  —  as  shown  in  the 
results  of  a  recent  survey  of  Network  World 
readers. 

Of  the  335  respondents  who  indicated  they 
have  some  type  of  life-cycle  management  in 
place  for  their  virtual  environments,61%  said 
they  use  two  to  five  tools;  only  18%  rely  on  a 
single  virtual-machine  management  tool.  In 
a  larger  base  of  522  respondents, 48%  use  the 
native  management  capabilities  of  the  Citrix 
Systems  XenSource,  Microsoft  Hyper-V  and 
VMware  ESX  hypervisors,  and  10%  layer 
third-party  products  into  the  mix.  (Thirty-one 
percent  do  no  monitoring  at  all.)  When  it 
comes  to  management  automation,  nearly 
two-thirds  of  358  respondents  cite  tie-ins  to 
traditional  systems-management  platforms 
from  such  companies  as  BMC  Software,  CA 
and  IBM  Tivoli. 

“Life-cycle  management  gets  complex 
when  you  start  getting  into  layers  and  feed¬ 
ing  into  big  system-management  interfaces,” 
Sesame  Workshop’s  Broadwater  says. 

To  keep  management  under  control, Sesame 
Workshop  uses  the  Xen  virtualization  hypervi¬ 
sor  native  to  the  SUSE  Linux  machines  on 
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which  the  company  has  standardized. Systems 
managers  also  use  Novell  ZENworks  Orch- 
estrator  and  Asset  Management  tools  to  keep 
tabs  on  the  virtual  machines. 

While  planning  their  virtual-machine  infra¬ 
structures,  organizations  need  to  look  at 
management  as  a  core  component,  experts 
say.  So,  along  with  inventorying  physical 
servers  and  applications  and  creating  gold- 
build  images,  they  should  consider  manage¬ 
ment  options  as  they  pertain  to  usage 
requirements,  says  Leslie  Muller,  formerly  a 
senior  technologist  for  virtualization  deploy¬ 
ments  at  Credit  Suisse  and  now  CTO  of 
DynamicOps,  a  virtual-machine  orchestra¬ 
tion  company. 

“You  need  to  consider  the  type  of  worker.  Is 
he  or  she  a  knowledge  worker  who  requires 
a  specialty-build  on-demand?  Or  is  he  or  she 
a  call  center  worker  who  needs  the  same 
environment  day  in  and  day  out?  In  the  latter 
case, a  standard  virtual-machine  build  would 
be  in  order,”  Muller  explains. 

Vignette,  an  Austin-based  software  pub¬ 
lishing  company,  follows  the  “on  demand” 
philosophy  for  200  developers  and  other 
employees  around  the  world. The  company 
has  resources  running  on  200  virtual- 
machine  images  in  Austin,  as  well  as  100  in 


Australia,  22  in  India  and  a  handful  in  the 
United  Kingdom. 

“Our  development  environment  is  ex¬ 
tremely  dynamic.  When  our  guy  in  India 
goes  to  bed  at  night  and  our  guy  in  Texas 
wants  to  use  that  virtual-machine  slot,  the 
system  needs  to  enable  this,”  says  David 
Graham,  CIO  at  Vignette.  “Management 
needed  to  fold  into  the  behavior  of  users 
requiring  this  level  of  access.” 

A  beta  version  of  Hyper9’s  Virtual  Infra¬ 
structure  Search  and  Analytics  tool,  a 
Google-like  search  engine  that  locates  and 
take  reads  on  the  state  of  virtual  machines  it 
finds,  shows  what’s  happening  with  the  orga¬ 
nization’s  virtual  machines  as  they’re  being 
used,  shelved  and  reused.  In  addition, 
VMLogix  laboratory-automation  software 
helps  Vignette  script  and  monitor  the  use  of 
the  virtual  machines. 

“Locating  physical  machines,  the  virtual 
machines  within  them;  knowing  who  set  them 
up,  what  they’re  used  for, who’s  changing  them; 
knowing  if  they  need  to  be  erased,  where  to 
store  them  —  these  are  all  areas  the  develop¬ 
ers  can  manage  themselves,”  Graham  says. 
“Our  developers  need  that  level  of  control." 

Nixon  Peabody  a  global  law  firm  with  1,700 
users,  has  a  more  centralized  approach  to  vir- 


“We  want  to  be ..... , _ 

something’s  changed  within  1 
virtual  machine  environment! 


-PETER  ALLEN, 

director  of  IT  operations,  Nixon  Peabody 


WALTER  COLLEY 


tual-machine  life-cycle  management.  Oper¬ 
ations  team  members  use  VMware’s  inherent 
management  features  to  track  and  control  the 
specific  production,  job,  SQL  and  develop¬ 
ment  servers  for  which  they’re  responsible. 
Plus,  the  firm  has  dedicated  a  VMware  Cert¬ 
ified  Professional  (VCP)  to  the  overall  care 
and  feeding  of  140  virtual  servers  running  on 
13  physical  machines  in  its  New  York  data  cen¬ 
ter, says  Peter  Allen,  director  of  IT  operations  at 
Nixon  Peabody  in  Rochester,  N.Y  (For  more  on 
virtualization  skills,  see  “Wanted:  virtualization 
expertise,”  page  38.) 

The  VCP  uses  Fortisphere  Virtual  Essentials 
management  and  policy  enforcement  for 
overall  monitoring  and  control.  The  Forti¬ 
sphere  tool  discovers  all  the  virtual  machines 
running  in  an  environment;  gives  a  history  of 
those  virtual  machines;  and  allows  for  change, 
configuration,  performance  and  inventory 
management  without  requiring  an  agent  on 
each  virtual  machine,  Allen  says.  Fortisphere 
also  supports  security  at  the  build  and  config¬ 
uration  management  stages,  he  adds. 

“We  needed  this  tool  for  the  whole  change- 
management  process. We  want  to  be  alerted 
when  something’s  changed  within  the  envi¬ 
ronment,”  Allen  notes. “We’ve  done  this  with¬ 
out  too  much  layering  of  tools  at  this  point. 


And  because  Fortisphere  charges  per  physi¬ 
cal  server,  we  thought  that  was  a  reasonable 
model  for  our  environment.” 

What  Fortisphere  doesn’t  have  is  the  ability 
to  find  idle  or  powered-off  machines,  but  it  is 
working  on  such  capabilities,  Allen  adds. 

Of  course,  virtual-machine  platform  tools 
can  be  told  manually  to  end  the  life  cycle  of 
a  given  virtual  machine,  as  long  as  the  sys¬ 
tem  manager  is  informed  and  paying  atten¬ 
tion.  What  Allen  refers  to  is  the  automated 
process  of  integrating  end-of-life  rules  across 
multiple  virtual-machine  brands  and  types. 

For  this  level  of  management,  Informatica,  a 
data-integration  software  maker  in  Redwood 
City,  Calif.,  is  considering  FastScale  Technol¬ 
ogy’s  FastScale  Composer  Suite.  With  this  tool, 
IT  should  be  able  to  manage  its  physical  and 
virtual  environments,  including  the  life  cycle 
of  deployed  applications,  their  duration  and 
the  reprovisioning  of  server  space  once  a  job 
is  done,  says  Tony  Young,  CIO  at  Informatica, 
which  uses  350  virtual  machines. 

“1  need  to  let  my  developers  log  into  a  portal 
and  say‘1  need  this  application  for  this  amount 
of  time’;  when  that  date  hits,  they’re  pinged  that 
the  machine  is  about  to  die  and  asked, ‘do  you 
want  to  renew?”’  Young  explains.  “With  Fast¬ 
Scale,  I  can  catalog  and  reprovision  all  of  my 


virtual  machines  across  I  V  |U| 

my  Linux  and  Windows  ■—■^mSERTES 

worlds.” 

Keep  it  basic 

As  this  sampling  of  use  cases  shows,  you 
won’t  find  a  universal  approach  to  managing 
virtual  environments.  In  fact,  preparing  for  het¬ 
erogeneous  virtualization  is  the  hardest  stage 
of  the  virtualization  movement,  says  research 
firm  Gartner  in  a  May  research  paper  on  virtu¬ 
alization  planning. 

“My  analogy  is  to  stop  thinking  of  a  virtual 
machine  as  anything  other  than  a  server,” 
Sesame  Workshop’s  Broadwater  surmises. 
“Start  slowly,  know  your  environment,  plan 
for  allocation  and  benchmarking  and  util¬ 
ization.  And  set  a  lifespan,  just  as  you  would 
for  a  physical  server.” 

Radcliff,  a  freelance  writer,  can  be  reached  at 
deb@radcliff.  com. 


>  How  to  get  the  most  out  of 
a  virtualization  strategy,  with 
virtualization  go-to  guy  Tony 
Bishop,  CEO  of  Adaptivity 
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UNDERSTANDING  THE  VIRTUAL-MACHINE  LIFE  CYCLE 


■  CREATION:  Enterprise  -class  configuration 
of  the  server  and  applications,  mostly  done 
manually  through  the  virtual-machine  man¬ 
ager  interface.  Automated  image-capture  of 
physical  machines  is  starting  to  take  root 
with  such  niche  vendors  as  Transitive,  par¬ 
ticularly  in  the  area  of  emulating  non-x86 
processors  and  running  them  on  other 
processors,  making  it  possible,  for  example, 
to  manage  Solaris  and  Windows. 

■  VISIBILITY:  Machines  set  up  for  a  specific 
purpose  -  for  example,  testing  or  develop¬ 
ment  -  can  linger  without  administrators’ 
knowledge.  Hyper9’s  Virtual  Infrastructure 
Search  and  Analytics  tool,  a  Google-like 
search  engine  offering  basic  discovery  and 
state  inspection  of  virtual  machines,  will  be 
free  for  download  in  September.  For  appli¬ 
cation  visibility,  Tideway  Systems’  Foun¬ 
dation  maps  application  relationships  to  the 
physical  and  virtual  servers. 

■  LOAD  BALANCING:  Virtual  machines  must  move  around  and  change 
their  purpose  as  needed  to  handle  predictable  and  on-demand 
loads.  Most  organizations  do  this  manually  using  native  VMware 
ESX,  Citrix  Systems  XenSource  and  Microsoft  Hyper-V  controls. 
Niche  products,  such  as  FastScale  Technology's  FastScale 
Composer  Suite  and  Evidant's  EvidantSP  software  suite,  also  are 
starting  to  get  attention. 


PLANNING 
WILL  GET 
YOU  ONLY 
SO  FAR  A 
VIRTUAL 
MACHINE 
MUST  BE 
MANAGED 
THROUGH¬ 
OUT  ITS 
UFE  CYCLE 
WHAT  TO 
CONSIDER: 


■  MACHINES  IN  PRODUCTION:  Managing  live  machines  is  done  man¬ 
ually  by  using  native  virtual-machine  interfaces,  but  more  tools  are 
starting  to  enable  the  cross-platform  management  of  some  of  all  of 
these  features  on  a  pick-and-choose  basis.  Novell's  ZENworks,  for 
example,  includes  asset-,  configuration-  and  patch-management 
components.  Life-cycle  points  during  production  include  licensing; 


access  controls;  patch-,  configuration-  and  change-management; 
security  (settings,  default  services  and  ports,  antimalware,  firewalls 
and  so  forth);  service-level  thresholds  for  physical  machines,  virtual 
machines  and  applications;  and  allocation. 

Specific  services  should  not  be  bunched  together.  Separate  vir¬ 
tual  farms  logically  or  physically  depending  on  their  function  (Web, 
database  and  so  forth)  to  make  them  easier  to  locate. 

Without  virtualization,  a  single  stand-alone  function  used  to  call 
for  a  single  physical  server.  Now  single-function  servers  (for  print, 
DNS,  small  but  critical  applications)  share  space  on  multifunction 
servers  and  get  lost  in  the  crowd.  Search  tools  help,  but  labeling 
virtual  servers  by  their  applications  keeps  them  organized. 

■  FAILOVER:  Depending  on  circumstances,  this  can  be  done  to 
another  location  on  the  same  server  or  to  another  physical 
machine.  Failover  can  be  automated  using  third-party  and  large 
systems-management  tools. 

■  REPURPOSING:  One  minute,  it’s  a  mail  server,  the  next  it’s  a  de¬ 
veloper’s  box,  based  on  use  and  need  for  capacity.  Manual  rollover, 
by  way  of  virtual-machine  managers,  and  some  automated  capabil¬ 
ities  are  emerging  in  such  tools  as  FastScale  Composer. 

■  STORAGE:  There’s  more  than  one  school  of  thought  on  continu¬ 
ous  use  and  repurposing  vs.  sleep  storage.  If  virtual  machines  are 
allowed  to  sleep,  they  must  run  through  patch-  and  configuration- 
management  checkers  when  they  wake  or  “spin"  up.  If  a  virtual 
machine  is  continually  repurposed,  then  its  patch  levels  should  stay 
current  (as  long  as  patch  management  and  so  forth  is  in  place). 

■  RETIREMENT:  Set  expiration  dates  for  virtual  machines.  In  addition, 
detect  systems  that  were  created  but  have  been  inactive  for  a  set  per¬ 
iod  of  time,  and  auto-expire  them.  Fortisphere  is  working  on  this. 

-  DEB  RADCLIFF 
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Spurred  by  the  business  bene¬ 
fits  gained  from  server  virtual¬ 
ization,  enterprises  now  are 
embracing  desktop  virtual¬ 
ization  for  many  of  the  same 
reasons:  flexibility  lower  costs 
and  ease  of  management. 

The  latter  has  been  huge  for  the 
University  of  Maryland  in  College 
Park,  says  Jim  Maloney,  network 
applications  manager  at  the  school,  which 
has  been  using  desktop  virtualization  since 
November  2007.  The  university  hosts  50  —  soon 


images  from  a  specialized  hardware-only  device  into  which  they  plug  their 
mice,  keyboards,  displays  and  network  connections. 

“We  were  spending  between  $700  and  $1,000  per  desktop,  whereas  the  Pano 
device  costs  just  $300.  And  an  actual  PC  eventually  becomes  obsolete  and  has 
to  be  replaced.  With  the  Pano,  if  we  want  to  upgrade  the  entire  company’s 
desktops,  we  just  upgrade  the  few  servers  we  have  and  we  allot  more  memory 
or  faster  speeds  to  the  images.  It’s  a  concrete  dollar  savings,”  Patel  says. 

Plus,  users  get  unprecedented  flexibility:  They  can  access  their  desktops 
from  virtually  any  device  residing  anywhere,  as  long  as  they  have  good 
network  connections  (see  “Three  caveats  for  desktop  virtualization,” 
www.nwdocfinder.com/6224).  Instead  of  sharing  centrally  hosted  applica¬ 
tions,  they  access  their  full  desktop  images  complete  with  familiar  applica¬ 
tions  and  customized  wallpaper  —  the  final  fulfillment  of  the  thin-client  ideal. 
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servers  running  the  Sun  Ray  Server  Software  and 
Sun’s  virtual  desktop  software.  Users  access  the 
images  from  Sun  Ray  terminals.  “Overall,  we’ve 
saved  30  hours  a  week  in  management  time  — 
practically  one  full-time  employee,”  he  says. 

Others  look  to  desktop  virtualization  as  a  hedge 
against  the  cost  of  future  PC  upgrades.  “Com¬ 
pared  with  traditional  desktops,  virtualization  is  a 
77  no-brainer,”  says  Kunal  Patel,  IT  manager  at  Nina 
/  Plastics,  a  packaging  manufacturer  in  Orlando, 
|  ■  Fla.  Nina  hosts  50  virtual  PC  images  on  two  ESX 
servers  using  Pano  Logic’s  Virtual  Desktop 
If/ySpitition  software.  Users  access  the  hosted 
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Desktop  virtualization  requires  a  hypervisor,  such  as  VMware  i  SX,  Citrix 
Systems  XenServer  or  Microsoft  Hyper-V,  running  on  a  data-center  server  to 
host  the  desktop  images.  Vendors  differentiate  themselves  by  the  overlying 
desktop  virtualization-management  software  that  brokers  the  connection 
between  the  virtual  PC  image  and  the  actual  client,  be  that  a  Macintosh,  Linux 
or  Windows  PC;  thin  client;  Web  browser;  or  specialized  device  like  the  Pano. 
While  many  vendors  rely  on  Microsoft’s  Remote  Data  Protocol  (RDP)  to  han¬ 
dle  the  server-client  communications  (think  Microsoft,  VMware),  others  use 
proprietary  protocols  to  apply  compression  and  other  optimization  tech¬ 
niques.  For  example,  Citrix  uses  its  well-known  Independent  Computing 
Architecture  (ICA)  communications  protocol,  while  Qumranet  has  a  render- 
ing  protocol,  called  Simple  Protocol  for  Independent  Computing 
Environments  (SPICE),  aimed  at  supporting  multimedia  applications. 
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Your  potential.  Our  passion. 

Microsoft 


Dell.com  is  one  of  the  world's  largest  and  most  advanced  e-commerce 
sites.  As  a  technology  leader,  Dell  relies  on  Windows  Server  2008 
for  the  flexibility  and  reliability  needed  to  support  a  mission-critical 
environment  where  downtime  is  not  an  option.  Get  the  full  story  at 

serverunleashed.com 


Windows  Server  2008 


When  40  million  customers  show  up  at  Dell.com 

who  helps  greet  them  at  the  c 
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continued  from  page  30 

Vendors  are  addressing  different  use  cases 
and  pain  points  (see  “13  desktop  virtualiza¬ 
tion  tools,”  www.nwdocfinder.com/6221).  The 
most  well-known  approach,  called  VDI  (after 
VMware’s  pioneering  Virtual  Desktop  Infra¬ 
structure),  lets  IT  host  a  virtual  desktop  image 
on  a  data  center  server.  The  virtual  desktop, 
which  users  access  via  an  always-on  network 
connection,  remains  secure,  backed  up  and 
easy  to  manage. 

VDI  also  offers  good  disaster  recovery,  be¬ 
cause  backing  up  a  single  server  to  a  disaster- 
recovery  site  is  easier  than  recovering  multi¬ 
ple  distributed  desktops.  “If  you  were  in  the 
Midwest  flood  zone  and  some  office  received 
damage  and  couldn’t  open,  those  employees 
could  work  remotely  from  home  or  from 
somewhere  else  in  the  countiyf  says  Mitchell 
Ashley  CEO  of  Converging  Network  and  a 
Network  World  Microsoft  Subnet  blogger. 

VDI  also  handles  day-to-day  disasters  more 
easily  than  a  physical  desktop  infrastructure 
can.  When  PCs  fail,  users  lose  work,  time  and, 
usually  data.  A  virtual  PC  is  not  tied  to  hard¬ 
ware,  however,  so  fixing  what’s  gone  awry  usu¬ 
ally  means  just  restarting  the  session.  Data 
should  be  current  because  it  sits  on  a  server. 

Likewise,  virtual  PC  users  shouldn’t  be 
affected  when  a  host  server  fails.  At  Nina 
Plastics,  for  example,  Patel  uses  two  servers  for 
failover  protection.  He  describes  how  effec¬ 
tive  that  approach  has  been  for  business 
users:  “One  day  something  happened  with 
one  of  the  servers  and  it  stopped  running.  I 
only  noticed  because  I  was  walking  through 
the  data  center  and  I  saw  the  light  was  off.  I 
went  around  the  office  and  asked  if  anybody 
noticed  anything  slow  or  wrong,  and  nobody 
mentioned  anything.” 

That  situation  was  a  far  cry  from  the  past, 
when  Patel  continually  chased  down  desktop 
problems.  “In  the  past,  a  server  failure  would 
have  been  a  nightmare.  I  would  have  had 
1,000  calls.  But  with  this  setup  . . .  everyone 
continued  to  do  business.” 

VDI  also  is  easier  to  secure  than  a  physical 
desktop  infrastructure  because  security 
updates  and  patches  can  be  made  to  the 
image  template  once,  and  users  get  the 
changes  the  next  time  they  access  their  desk¬ 
tops.  In  addition,  user  access  to  USB,  thumb, 
CD  and  DVD  drives  and  other  peripherals  can 
be  restricted  centrally  and,  because  VDI’s 
images  are  full  desktops,  they  include  such 
corporate  security  features  as  VPN  support. 

On  the  downside,  a  centrally  hosted  VDI 
requires  an  always-on  network  connection. 
While  this  kind  of  connection  is  becoming 
more  ubiquitous  in  these  days  of  wireless  and 
broadband,  it  still  is  not  a  given.“You  can’t  use 
VDI  on  a  plane  or  in  a  subway  tunnel,” 
Converging  Network’s  Ashley  notes. 

In  addition,  many  graphics-  or  processor¬ 
intensive  desktop  applications  don’t  work  as 
well  via  a  VDI  as  they  do  over  a  physical  infra¬ 
structure.  Bottlenecks  occur  when  all  the 


desktops  share  the  host  server’s  processor  and 
memory  The  performance  of  such  interactive 
applications  as  video  also  tends  to  suffer  with 
VDI,  primarily  because  all  execution  happens 
on  the  server  and  is  presented  to  the  user  via 
a  remote  presentation  protocol  —  RDP  for 
example  —  that’s  not  optimized  for  streaming. 

“Sometimes  we  stream  video,  and  right  now, 
video  is  not  optimized.lt  can  display  but  there 
is  a  bit  of  disconnect  and  the  audio  doesn’t 
sync  up  well,”  Nina  Plastics’  Patel  says. 

Storage  also  poses  a  challenge  in  VDI  envi¬ 
ronments, says  Brad  Novak,  managing  director 
of  end-user  platforms  for  Credit  Suisse  in 
London.  Once  desktop  data  is  moved  to  the 
data  center.it  needs  not  only  to  be  hosted  but 
also  to  be  stored  and  backed  up.  “This 
becomes  a  challenge,  particularly  if  you’re  try¬ 
ing  to  use  virtualized  desktops  to  lower  your 
costs,”  he  says,  noting  that  many  users  auto¬ 
matically  put  virtualized  desktops  on  expen¬ 
sive  SAN  storage.  “You  have  to  make  sure 
you’re  storing  them  on  storage  that  has  a  rea¬ 
sonable  price  point.  When  they’re  running, 
they’re  usually  in  memory  There  is  some  pag¬ 
ing,  but  you  don’t  necessarily  need  to  run  it  on 
your  fastest  storage,”  he  adds. 

With  a  second  option,  locally  hosted  desk¬ 
top  virtualization,  an  always-on  network  con¬ 
nection  isn’t  necessary  The  host  —  an  Apple, 
Microsoft  or  Linux  PC  —  is  configured  with  a 
local  hypervisor.  Users  then  spin  up  different 
desktop  images  to  run  atop  that  hypervisor. 

Local  virtualization  products,  such  as 
VMware’s  ACE  and  Sun’s  VirtualBox,  work  well 
for  testers  and  developers  needing  to  run  var¬ 
ious  desktops  side  by  side  from  the  same 
workstation.  The  local  option  also  easily  han¬ 
dles  interactive  or  graphics-intensive  applica¬ 
tions,  because  the  local  graphics  card  is  avail¬ 
able,  as  are  other  resources.  Storage  becomes 
a  non-issue,  too,  since  data  is  saved  locally 

The  rub?  Once  the  image  is  local,  it  stays 
there.  There’s  no  centralized  control,  manage¬ 
ability  or  backup. 

The  good  news  is  that 
you  don’t  necessarily 
have  to  choose  between 
central  management 
and  local  control  and 
performance.  Some  desktop  virtualization 
tools,  like  MokaFive’s  Live  PC,  are  meant  to 
combine  the  best  of  the  VDI  and  locally 
hosted  worlds. 

With  Live  PC,  IT  stores  and  manages  images 
centrally  Users  stream  the  images  to  local 
Apple,  Microsoft  or  Linux  desktops.  Perform¬ 
ance  is  less  of  an  issue  than  with  VDI  because 
everything  is  stored  in  cache  and  runs  locally 
using  local  resources. 

Once  the  desktop  image  has  been  down¬ 
loaded,  users  can  disconnect  and  take  it  with 
them.  Downloading  an  image  for  the  first  time 
takes  about  two  hours  over  a  typical  cable 
modem  connection,  but,  once  the  initial  files 
arrive,  users  can  work  while  they  wait. 
Alternatively,  IT  can  distribute  the  central 
image  on  encrypted  USB  sticks.  When  the  user 
links  to  the  network,  the  local  and  central 
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image  sync  up,  ensuring 
that  security  files  are  up¬ 
dated  and  data  is  centrally 
managed. 

Similarly  Ceedo  Technol¬ 
ogies’  Ceedo  Enterprise  software  and  San- 
Disk’s  upcoming  Secure  Virtual  Workspace 
tackle  the  offline/online  problem  by  optimiz¬ 
ing  virtual  desktop  images  to  run  directly  from 
a  USB  or  portable  hard  drive.  Because  the  USB 
stick  or  hard  drive  uses  full  AES  encryption, the 
device’s  data  stays  safe  if  it’s  lost  or  stolen. A  big 
plus  is  the  ease  of  distribution. 

For  example,  one  insurance  company  used 
to  give  its  nearly  400  agents  computer  note¬ 
books  configured  with  several  industry- 
specific  applications.  Now  it  just  sends  out 
Ceedo  USB  sticks  with  a  fully  configured  desk¬ 
top  image,  says  Lothar  von  Kornatzki,  manag¬ 
ing  director  of  Mobility-Office  Solutions,  a 
Munich,  Germany-based  Ceedo  reseller. 

“The  cost  to  support  the  notebooks  went 
down  90%, ”  von  Kornatzki  says.“And  we  did  a 
survey  of  the  agents,  and  in  terms  of  applica¬ 
tion  installation,  disaster  recovery  and  using 
the  environment,  they  save  more  than  four 
hours  a  week.That’s  a  real  advantage.” 

The  downside  here  is  that  some  images 
require  costly  USB  sticks.  “If  you  have  a  stan¬ 
dard  USB  stick  with  3MB  of  writing  speed  and 
12MB  of  reading  speed, you  could  have  a  per¬ 
formance  problem,”  von  Kornatzki  says.  “You 
really  need  more  like  22MB  of  writing  speed 
and  32MB  of  reading  speed.” 

Specialty  approaches 

For  those  who  like  the  control  of  VDI  but 
need  better  performance  for  video  and  CAD 
applications,  Qumranet  offers  Solid  ICE.  This 
tool  requires  an  always-on  connection,  but  it 
has  an  optimized  rendering  protocol  to  sup¬ 
port  high-definition  video,  VoIP  and  even 
videoconferencing  within  the  VDI  scenario. 

If  storage  and  performance  are  concerns, 
Citrix  has  optimized  its 
version  of  VDI  to  shore 
up  both,  using  the  ICA 
protocol  expertise  it 
gained  through  its  Meta- 
Frame  offering.  Citrix  iso¬ 
lates  not  only  the  hardware  from  the  operat¬ 
ing  system  but  also  the  applications  and  the 
user  preferences,  storing  all  data  separately 
and  delivering  only  what  an  individual  user 
requires. “There  is  no  need  to  store  a  full  vir¬ 
tual  image  of  Windows  for  every  PC,”  says  Raj 
Dhingra,  general  manager  of  desktop  deliv¬ 
ery  at  the  company  “We  can  separate  the 
applications  from  the  operating  system,  so 
the  image  requires  less  storage.” 

So,  the  options  are  out  there  “What  flavor  will 
win?  Nobody  knows,”  blogger  Ashley  says. 
“There  are  a  variety  of  uses  here,  and  I  think 
we’ll  see  some  forms  of  all  of  them  hanging 
around.  We’ll  need  them.” 

Cummings  is  a  freelance  writer  in  North 
Andover,  Mass.  She  can  be  reached  at  jocum 
mings@comcast.  net. 


Emm  >  Three  caveats  for  desktop  virtualization,  www.nwdocfinder.com/6224 
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Dear  Valued  Customer, 

We  are  very  excited  to  be  joining  forces  with  Foundry  Networks  to  provide  you  and  the  industry  with  a  broad 
range  of  the  highest-performance,  most  reliable  networking  solutions,  from  the  Internet  to  the  data  center. 

As  an  important  part  of  this  recent  announcement,  we  want  to  assure  you  of  our  commitment  to  your 
infrastructure  investment  and  absolute  customer  satisfaction.  Upon  the  completion  of  the  acquisition,  we 
look  forward  to  continuing  to  provide  the  high  levels  of  innovation,  product  quality,  and  customer  service 
that  you  expect  and  rely  on. 


A  Commitment  to  Protecting  and  Extending  Your  Investment 

We  are  committed  to  continuing  to  deliver  and  invest  in  Foundry  products  and  solutions  following  the  closing 
of  the  acquisition.  As  part  of  this  ongoing  commitment,  we  will  provide  you  with  a  detailed  product  roadmap 
after  the  acquisition  closes.  You  can  also  count  on  the  combined  company  to  help  you  implement  and  support 
your  current  and  future  networking  projects,  allowing  you  to  maximize  the  value  of  your  Foundry  infrastructure. 

A  Commitment  to  Innovative  Engineering  and  Technical  Leadership 

Foundry  customers  know  that  better  engineering  equates  to  a  better  network.  We  are  committed  to  the 
retention  and  continued  development  of  the  Foundry  engineering  teams  that  have  consistently  delivered 
industry-leading  solutions,  from  the  enterprise  edge  to  the  service  provider  core.  We  believe  this  represents 
a  giant  leap  forward.  And  we  look  forward  to  continuing  to  create  solutions  that  enable  next-generation, 
high-performance,  end-to-end  networks  to  come  to  life. 

A  Commitment  to  Superior  Technical  Support  and  Customer  Satisfaction 

Brocade  and  Foundry  share  many  core  values,  and,  for  both  companies,  customer  satisfaction  is  our  top 
priority.  We  will  continue  to  focus  on  satisfying  the  technical  and  business  needs  that  are  mission-critical 
to  your  success,  including  a  promise  to  deliver  best-in-class  technical  support,  and  to  honor  all  existing 
contractual  service  and  support  commitments. 

Brocade  and  Foundry  will  continue  to  operate  as  independent  companies  until  after  the  transaction  closes. 
We  value  your  input  on  how  to  best  serve  your  needs  today  and  in  the  future.  Please  do  not  hesitate  to  work 
with  your  respective  Brocade  or  Foundry  sales  representative  regarding  any  questions  you  might  have  or 
any  additional  feedback  you  would  like  to  provide. 

I  hope  that  you  are  as  excited  about  the  future  as  we  are.  We  very  much  look  forward  to  being  your  high- 
performance  partner  for  your  important  networking  needs. 

Thank  you  and  best, 

/kicLf  idtJL 

Michael  Klayko 
Chief  Executive  Officer 
Brocade 
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If  you  would  like  more  information  about  the  acquisition,  please  see  Brocade  or  Foundry's  website  at  www.brocade.com/convergednetworks  or  www.foundrynet.com/ 
convergednetworks,  or  the  respective  company's  SEC  filings  at  www.sec.gov 
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mid  the  excitement  of  virtu¬ 
alizing  server,  storage  and 
desktop  resources,  the  net¬ 
work  hasn’t  received  much 
attention.  As  these  virtual 
resources  take  their  places 
in  the  New  Data  Center, 
however,  the  network  will 
emerge  from  behind  the 
scenes  to  command  cen¬ 
ter  stage  and  play  a  pivotal  role  in 
tomorrow’s  virtualized  environments. 

This  isn’t  to  say  the  concept  of  network  virtualiza¬ 
tion  is  new  —  virtual  LANs  (VLAN), VPNs  and  MPLS, 
enabling  multiple  virtual  connections  to  share  band¬ 
width  resources  on  one  network  pipe,  are  longtime 
favorites.The  rush  to  virtualize  multiple  infrastructure 
and  application  resources,  however,  is  changing  the 
rules  for  network  virtualization,  and  IT  managers  are 
gearing  up  for  the  networks  second  act. 

“Virtualization  is  the  most  disruptive  technology  to 
hit  networking  in  10  years.  It’s  the  first  computing 
architecture  that  has  a  high  network  dependency 
which  means  the  network  architecture  going  for¬ 
ward  has  to  be  in  lock  step  with  server,  storage  and 
desktop,”  says  Robert  Whiteley  an  analyst  at  Forrester 
Research.The  network  historically  has  been  plumb¬ 
ing  that  everything  rode  on  top  of.  Now  it  is  becom¬ 
ing  the  new  backplane,”  he  says. 

Jeremy  Gill, CIO  of  Michael  Baker  Corp.,a  civil  engi¬ 
neering  firm  in  the  Pittsburgh  area,agrees.“When  we 
think  of  virtualization  in  a  large  environment,  the 
more  we  can  push  down  to  the  network  layer,  the 
better  we  will  be  from  a  total-cost-of-administration 
standpoint,”  he  says.“VMware  took  a  great  first  step 
with  x86  server  virtualization,  but  now  it’s  time  to 
embed  this  knowledge  at  the  network  layer’’ 


“When  we  think  of 
virtua  ization  in  a 
arge  environment, 
the  more  we  can 
push  down  to  the 
letwork  (aver, 
the  better.’ 
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-  JEREMY  GILL, 

CIO,  Michael  Baker  Corp. 


Flat-as-a-pancake  networks 

For  the  network  to  serve  a  virtual  environment 
best,  however,  some  cardinal  rules  of  networking 
must  change,  industry  watchers  say  For  one,  the  flex¬ 
ibility  and  portability  of  virtual-server  resources 
demand  that  the  traditional,  three-tiered  network  architecture  —  edge, 
distribution  and  core  switches  —  collapse  into  a  flat  landscape  across 
which  virtual  machines  can  be  allocated  and  reallocated. 

“Server  virtualization  has  very  much  blurred  the  line  of  where  the  net¬ 
work  stops  and  the  server  begins,”  says  Andreas  Antonopoulos.an  ana¬ 
lyst  with  Nemertes  Research. 

Take  VLANs  in  a  virtual-server  environment,  for  instance. 
Administrators  might  use  a  Layer  2  VLAN  to  allow  virtual  machines  to 
travel  freely  between  two  data  centers  while  remaining  on  the  same 


subnet.  Because  Layer  2  routing  is  local  and 
Layer  3  is  used  to  go  from  one  subnet  to  another, 
this  type  of  design  “goes  against  everything  taught 
in  traditional  networking,”  Antonopoulos  says.  “It 
violates  the  sacred  cows  of  networking  and 
makes  no  sense  using  the  old  rules.” 

Adopting  server-  and  storage-virtualization  tech¬ 
nologies  forced  The  First  American  Corp.  in  Santa 
Ana,  Calif.,  to  rethink  its  network  architecture,  says 
Jake  Seitz,  enterprise  architect  at  the  company 
which  provides  business  information  to  con¬ 
sumers  and  businesses. 

In  the  physical  world,  for  example,  First  American 
relied  on  many  VLANs  to  segment  traffic.  In  the  vir¬ 
tual  world,  fewer  VLANs  are  required  on  a  switch 
—  and  that  makes  planning  more  of  a  challenge. “Being  able  to  con¬ 
solidate  many  services  virtually  on  the  same  hardware  reduces  the 
need  to  create  as  many  VLANs,  but  now  their  importance  increases 
because  there  are  fewer  of  them,”  he  says. 

“In  the  past, you  could  have  disparate  networks,  and  one  being  down 
didn’t  affect  everyone.  In  a  virtualized  environment,  if  you  make  a 
change,  it’s  a  global  change  and  everyone  is  touched,”  Seitz  explains. 
“The  gamut  of  all  these  applications  that  make  up  the  business  now  go 
riding  on  a  common  pipe;  and  when  you  start  piling  everything  on 


Not  your 

What  the  network  becomes  in 
a  virtua  ized  enterprise 
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there,  the  importance  of  that  pipe  becomes 
very  apparent  —  especially  when  you  have  a 
problem,”  he  says. 

In  addition,  IT  has  made  sure  the  network 
doesn’t  become  a  bottleneck  by  segregating 
theVMwareVMotion  management  data  from 
the  network  traffic,  Seitz  says.“We  don’t  want 
VMotion  traffic  to  influence  how  our  cus¬ 
tomer-facing  and  revenue-generating  appli¬ 
cations  behave,”  he  says. 

Making  sure  nothing  goes  amiss  as  First 
American  rearchitects  its  networks  also  has 
meant  IT  process  change,  Seitz  says.  New 
change-management  boards  with  representa¬ 
tives  from  each  IT  discipline  —  servers,  stor¬ 
age,  networks  and  so  forth  —  work  to  make 
sure  nothing  gets  lost  or  errors  get  introduced 
“while  we  collapse  the  network,”  he  says. 

That’s  a  smart  move,  says  Forrester’s 
Whiteley  who  points  out  that  the  network  has 
yet  to  come  up  in  talks  around  server  virtual¬ 
ization  at  most  companies  because  deploy¬ 
ment  hasn’t  reached  critical  mass.  “A  small 
amount  of  virtualization  in  servers,  storage 
and  desktops  doesn’t  stress  the  network,  but 
as  enterprise  companies  scale  out,  they  will 
hit  a  tipping  point  at  which  they  will  become 
highly  dependent  on  the  network  and  bottle¬ 
necks  will  ensue,”  he  says. 

Network  security  in  the  form  of  firewalls 
and  DMZs  also  is  undergoing  changes  due  to 
virtualization.  In  some  cases, people  are  plac¬ 
ing  inward-  and  outward-facing  machines  on 
the  same  pool  of  resources  and  collapsing 
multiple  DMZs  into  a  single  zone,  changing 
the  traditional  role  of  the  perimeter. 

In  addition  although  enterprises  are  adopt¬ 
ing  virtual  network  services, such  as  load  bal¬ 
ancing,  virtual  security-related  services  aren’t 
as  popular. The  network  security  changes  are 
ahead  of  most  network  managers’  comfort 
levels,  says  Ian  Rousom,  who  works  in  Infra¬ 
structure  Design  Engineering  for  Lockheed 
Martin  Enterprise  Business  Services  in 
Denver. 

“Most  reputable  network  vendors  offer 
some  kind  of  virtual-firewall  capabilities  that 
they  are  integrating  directly  into  switching 
platforms,”  Rousom  says.  “Opposition  to  net¬ 
work-security  virtualization  usually  involves 
a  mind-set  that  virtualization  somehow  de¬ 
creases  the  effectiveness  of  security  to  an 
unacceptable  level.  Most  organizations  must 
carefully  determine  the  actual  level  of  risk  of 
virtualizing  network  security,  then  weigh 
those  risks  against  the  cost  advantages  of 
needing  fewer  physical  devices,”  he  says. 

Virtual  moves  by  network  vendors 

A  virtualized  enterprise’s  success  relies  on 
the  network  gaining  more  intelligence  about 
the  virtual  components  it  will  be  routing. 
That  means  network-gear  vendors  at  the  very 
least  need  to  make  their  equipment  virtual¬ 
ization-aware:  In  other  words,  the  switch  must 


be  able  to  spot  virtual  resources  and  com¬ 
prehend  their  actions. 

Ideally  physical-network  gear  would  have 
visibility  into  the  virtual  resources  and  could 
allocate  those  resources  based  on  knowl¬ 
edge  of  the  physical  and  virtual  realms.  The 
gear  would  have  predefined  server-,  storage- 
and  network-resource  policies  for  a  given 
service,  and  could  allocate  those  resources 
as  virtual  and  physical  conditions  change. 
The  network  gear  would  have  to  be  able  to 
communicate  with  computing  resources 
and  vice  versa. 

Network  vendors  don’t  understand  the  com¬ 
puting  world  very  well,  however,  so  they  will 
have  to  work  with  the  virtual-server  compa¬ 
nies  to  make  sure  that  when  a  virtual  event 
happens  the  network  understands  what  to  do 
with  the  traffic, says  Zeus  Kerravala.an  analyst 
at  The  Yankee  Group.  “For  the  network  to  be 
the  governing  component,  it  needs  to  under¬ 
stand  the  application  process  as  well,”  he  says, 
noting  that  Cisco  has  a  good  handle  on  this. 

Cisco  has  worked  closely  with  VMware,  in 
which  it  holds  a  stake,  to  exploit  VMware  APIs 
and  enable  Cisco  gear  to  tackle  virtual  envi¬ 
ronments.  With  itsVFrame  Data  Center,  Cisco 
offers  a  policy-orchestration  and  -manage¬ 
ment  engine  for  highly  virtualized  environ¬ 
ments.  Plus,  the  Nexus  5000  data  center 
switch  supports  virtual  machine  capabilities, 
which  allow  the  dynamic  provisioning  of 
application  and  infrastructure  services  from 
shared  pools  of  compute,  storage  and  net¬ 
work  resources. 

Other  vendors  have  been  working  on  net¬ 
work  virtualization,  too  —  though  their 
approaches  aren’t  as  advanced  as  Cisco’s. 
Nortel,  for  example,  is  developing  the  Virtual 
Services  Switch  5000,  expected  later  this 
year,  for  virtualizing  firewall,  application¬ 
switching  and  SSL-acceleration  services. The 
VSS  5000  switch  will  be  able  to  consolidate 
these  virtual  functions  into  a  single  device, 
then  orchestrate  and  provision  services  to 


different  departments  or  _ 

workgroups  based  on  SEl^ 

predefined  policies,  the 
company  says. 

3Com  has  taken  the  partnership  route,  pair¬ 
ing  with  LineSider  Technologies  to  include 
virtualization  capabilities  in  its  MSR  Series 
multiservice  routers.  The  goal  is  to  let  users 
virtualize  networks  and  improve  manage¬ 
ment  of  infrastructure  services,  3Com  says. 

F5  Networks  has  gained  a  file-virtualization 
offering  through  its  acquisition  of  Acopia 
Networks,  as  application  acceleration  ven¬ 
dors  across  the  board  have  been  developing 
and  partnering  to  consolidate  network  ser¬ 
vices  from  many  appliances  into  one. 
Riverbed  Technology,  for  example,  has 
teamed  with  IP  address-management  vendor 
Infoblox  on  an  appliance  that  will  combine  a 
virtual  instance  of  Infoblox’s  core  network- 
services  software  with  the  Riverbed  operat¬ 
ing  system.The  goal  is  to  couple  local  branch 
services  with  such  core  network  services 
such  as  DNS  and  RADIUS. 

While  such  products  might  boast  some  vir¬ 
tual  capabilities  —  which  is  good  —  virtual- 
machine-aware  gear  is  the  future,  network 
managers  say  Only  by  outfitting  networks 
with  virtual-machine-aware  gear  will  they  be 
able  to  smooth  the  transition  from  traditional 
networks  to  those  of  the  virtual  realm. 

Such  companies  as  VMware  also  will  be 
expected  to  work  more  closely  with  network- 
gear  vendors  to  make  hypervisor  technology 
network-aware.  Enabling  native  integration 
between  virtualization  technologies  and  net¬ 
work  equipment  will  give  network  managers 
the  visibility  into  the  virtualization  layer  they 
need  to  monitor  traffic,  manage  resources 
and  prevent  performance  degradations. 

“I  think  VMware  and  the  like  will  be  work¬ 
ing  hard  to  be  the  network-aware  virtual  ven¬ 
dors, ’’Baker’s  Gill  says.“And  Cisco  will  want  to 
become  the  leading-edge  virtual  network 
vendor.  It  will  be  an  interesting  time.”B 


THE  NETWORK  AS  VIRTUALIZATION  RACKPLANE 

Cisco’s  VFrame  Data  Center  appliance,  which  applies  policies  and  provides 
automated  provisioning,  serves  as  an  example  of  how  the  network  and  virtual 
environment  are  coming  together 


VFrame  can  deliver  services  on 
demand  by  stitching  together 
virtual  servers  connected  via  a 
virtual  LAN  to  storage  resources. 


Fibre  Channel  storage-area  network 
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The  appliance  can  perform  Fibre  Channel  zoning  and  dynamic 
LUN  mapping,  as  well  as  VLAN  and  virtual-SAN  configuration. 


The  high-availability  appliance  plugs 
into  the  network  to  tap  server  and 
storage  resources  and  apply  policies 
to  the  virtual  environment, 
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become  a  necessary  requirement,”  in  order  to  institution¬ 
alize  best  practices  and  disseminate  knowledge,  Haight 
says.  “The  application  administrators  and  developers 
need  to  be  brought  in  to  play  along  with  the  server,  stor¬ 
age  and  network  teams.” 

IT  organizations  that  don’t  think  through  or  enable 
interdisciplinary  communication  could  wind  up  with¬ 
out  the  necessary  processes  or  technology  standard¬ 
ization,  adds  Stephen  Elliot,  an  IDC  analyst.“At  least  get 
folks  from  different  silos  together,  maybe  monthly  to  talk 
about  virtualization  best  practices,  product  selection 
criteria  and  management  processes,”  he  suggests. 

Collaboration  is  critical  in  the  early  stages,  Fulton 
County’s  Terrell  agrees.  “We  didn’t  need  a  committee 
meeting  to  virtualize  a  server.  But  when  we  started  popu¬ 
lating  blades,  we  needed  to  have  a  much  more  coopera¬ 
tive  approach,  because  it’s  not  plug-and-play  as  far  as  the 
network  and  storage-area  network  go,”  he  says. 

To  help  in  its  server  virtualization  training,  Fulton 
County  recreated  its  server  environment  in  a  laboratory 
and  virtualized  every  server  in  the  data  center  as  a  test, 
says  Keith  Dickie,  assistant  IT  director  for  Fulton  County 
“That  was  part  of  our  kicking  the  tires  —  real,  live  train- 
ing.”The  county  also  used  professional  services  to  vali¬ 
date  its  virtualization  approach  and  help  the  county 
streamline  its  deployment  processes,  he  says. 

The  endeavor  has  rejuvenated  not  only  the  IT  infra¬ 
structure  but  personnel  as  well.  “This  was  a  breath  of 
fresh  air  to  some  pretty  hardened  IT  veterans,”  Terrell 
says.“I  haven’t  seen  this  level  of  excitement  in  a  while.” 

That’s  the  way  it  ought  to  be,  Elliot  says.  “The  skill  set 
required  for  this  technology  is  only  going  to  increase,  as 
is  the  number  of  mission-critical  applications  hosted  on 
a  virtual  architecture,”  he  says.“So,its  relevance  is  going  to 
increase  every  year  for  the  foreseeable  future. Any  IT  pro¬ 
fessional  who  doesn’t  get  jazzed  about  that  probably 
shouldn’t  be  in  IT’B 


virtualization  expertise 

IT  pros  with  virtualization  smarts  are 
tough  to  find  -  and  can  be  hard  to  keep 

BY  ANN  BEDNARZ 


>  How  to  get  the  most  out  of  your  virtualization  strategy,  www.nwdocfinder.com/6225 


Got  a  crackerjack  virtualization  pro  on  your 
staff?  Better' keep  your  eye  on  that  talent. 

As  virtualization  deployments  mature  from  tactical 
server  projects  to  strategic  enterprise  initiatives,  compa¬ 
nies  are  finding  that  IT  personnel  with  the  necessary 
skill  sets  are  in  short  supply  Once  trained,  virtualization 
experts  can  be  even  more  difficult  to  retain. 

“These  people  are  pretty  valuable,  especially  if  they 
have  skills  in  multiple  functional  areas,”  says  Cameron 
Haight,  a  Gartner  analyst.“ln  the  ’90s,  if  you  were  an  SAP 
Basis  administrator,  you  could  almost  name  your  price. 

This  is  the  SAP-Basis  admin  role  of  this  decade.” 

The  IT  department  for  Georgia’s  Fulton  County  has  lost  two  virtual¬ 
ization  experts  during  its  ongoing  migration  from  hundreds  of  single 
function  x86  servers  to  blade  servers  running  virtual  machines.  Both 
left  for  a  virtualization-related  job  at  another  company.  Still,  Jay  Terrell, 

CTO  and  deputy  IT  director,  takes  the  losses  in  stride. “Sure,  we’ve  lost  a 
couple  of  people,  but  we’ve  also  kept  some  bright,  young  talent”  by 
exposing  them  to  virtualization, ’’Terrell  says.“If  you  hold  people  back, you’re  going 
to  lose  them  anyway  I’d  rather  have  people  happy  and  excited  while  they’re  here.” 


Cross-pollination  required 

Virtualization’s  reach  into  nearly  every  corner  of  the  data  center  is  fueling  the  talent 
crunch.Virtualization  calls  for  people  who  understand  how  to  deal  with  complex  con- 
figuration-management,  patching  and  performance  monitoring,  for  example.  “Gone 
are  the  days  of  looking  only  at  the  running  processes  on  the  OS  to  find  out  what  may 
be  causing  a  performance  problem,”  says  John  Turner,  director  of  networks  and  sys¬ 
tems  at  Brandeis  University  in  Waltham,  Mass.“Now  you  have  to  look  one  level  up:  What 
are  the  other  resident  operating  systems  doing?  What  do  those  loads  look  like,  and 
how  do  I  optimize  those  or  move  them  to  a  box  with  less  load?” 

In  the  bigger  picture,  virtualization  moves  networking  tasks  into  the  domain  of  sys¬ 
tems  engineers, Turner  says.“Typically  the  network  engineers  would  configure  network 
switches,  set  the  appropriate  virtual  LANs  and  make  sure  the  network-protection  pro¬ 
tocols  were  set  up  correctly  Now  they’re  handing  those  off,  to  a  certain  extent,  to  the 
systems  engineers. They’re  the  ones  who  are  setting  up  the  hypervisors,  which  essen¬ 
tially  puts  them  in  the  role  of  having  to  set  up  data  and  storage  networking,  through 
this  layer  of  abstraction.” 

Systems  engineers  understand  switching  and  routing  basics,  but  they  generally  don’t 
have  a  grasp  of  such  finer  points  as  loop  control,  port-channel  bonding  or  packet- 
sizing,  Turner  notes.  At  Brandeis,  virtualization  has  necessitated  a  higher  level  of  trust 
among  already  integrated  systems  and  network  teams,  as  well  as  a  higher  skill  level.“Our 
systems  engineers  are  going  to  be  brought  up  to  the  level  of  network  engineers.  Network 
engineers  are  going  to  be  perhaps  less  responsible  for  some  of  the 
server-side  switch-configuration  things  and  more  focused  on  bigger  routing  issues,’ ’he  says. 


Getting  organized 

Although  server  administrators  were  among  the  first  wave  of  IT  pros  to  try  out  x86 
server-virtualization  technology“increasingly  we’re  seeing  inquiries  from  infrastructure 
architects,  who  are  looking  at  this  from  a  more  holistic  perspective, as  well  as  from  data 
center  managers,”  Gartner’s  Haight  says.  As  projects  become  more  widespread,  virtual¬ 
ization  will  drive  companies  to  reevaluate  how  they’ve  organized  IT,  he  says. 

‘A  center  of  excellence  or  a  competency  center  for  virtualization  is  probably  going  to 
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places’-  Everett  says. “We  try  to  make  use 
of  every  square  foot  of  the  building." 

In  a  walk  through  the  arena  with  Net¬ 
work  World,  Everett  fielded  requests  for 
additional  laptops  and  connectivity  from 
convention  staff  members.  But  the  re 
quests  didn’t  ruffle  him.  Changes  are  all 
part  of  the  plan,  Everett  says.  Sometimes 
staff  can’t  anticipate  all  the  gear  they’ll 
need  until  they  arrive  and  have  a  chance 
to  really  see  the  space,  he  says.  “1  just 
assume  we’re  going  to  have  to  run  stuff 
to  every  nook  and  cranny’ 

Live  access 

Viewers  around  the  world  will  be  able 
to  watch  when  the  Republican  Party  for¬ 
malizes  its  nomination  of  Sen.  John 
McCain  for  the  upcoming  U.S.  presiden¬ 
tial  election.  Every  major  television  net¬ 
work  (and  plenty  of  minor  networks) 
will  be  on-site.  In  addition,  130  radio 
shows  will  broadcast  from  the  convention.  For 
Web  viewers,  Ustream.TV  will  provide  a  plat¬ 
form  for  broadcasting  live  video  streams  from 
the  four-day  event. 

Working  with  telecom  provider  Qwest,  the 
television  networks  are  using  a  mix  of  fiber, 
satellite  and  microwave  networks  for  video 
traffic,  Everett  says.  “Some  will  do  editing  and 
production  here  on  site,  some  will  use  fiber 
long-hauls  and  go  all  the  way  back  to  where 
their  normal  production  sites  are,  in  New  York 
or  Atlanta  or  wherever’’  he  says. 

Television  crews  doing  on-site  editing  and 
production  will  operate  out  of  arena  suites  that 
have  been  converted  into  temporary  studios. 
“For  every  anchor  you  see  on  TV  there  are  100 
people  behind  them,  making  things  happen, 
cutting  video,  getting  things  uploaded,  han¬ 
dling  interviews,”  Everett  says. 

Crews  also  will  work  out  of  media  trailers 
parked  at  RiverCentre,  a  convention  center 
adjacent  to  the  Xcel  Center.  IT  teams  took  ad¬ 
vantage  of  elevated  walkways  connecting  the 
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Convention  organizers  are  transforming  30 
arena  suites  into  temporary  media  studios, 
where  television  crews  will  do  on-site  editing 
and  production  work. 


buildings  to  run  fiber  to  the  RiverCentre  park¬ 
ing  garage,  where  the  television  networks’  pro¬ 
duction  trailers  will  be  located.The  idea  was  to 
piggyback  cable  runs  on  existing  structures 
whenever  possible,  to  limit  the  amount  of  tem¬ 
porary  construction  required,  Everett  says. 

As  the  official  telecom  provider  for  the  event, 
Qwest  also  is  working  with  Everett  to  provide 
capacity  for  the  convention  crew’s  internal  net¬ 
work,  which  as  many  as  600  staff  members  will 
use  for  e-mail,  file  sharing  and  other  applica¬ 
tions.  Qwest  is  hosting  a  number  of  the  con¬ 
vention  staff’s  applications,  including  email,  in 
its  Minneapolis  data  center. 

Inside  the  Xcel  Center,  IT  managers  have  a 
main  computer  room  for  their  gear,  plus 
switches  are  dispersed  in  racks  all  over  the 
building,  Everett  says.  Managed  services 
provider  Unisys  —  which  has  offices  in  the 
Twin  Cities  area  —  is  helping  with  day-to-day 
IT  operations,  including  monitoring  the  con¬ 
vention  servers,  manning  the  IT  help  desk  and 
providing  project  management  assistance. 
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For  the  convention’s  internal  network, 
Everett  is  using  wireless  sparingly  in  an 
effort  to  limit  interference  in  areas 
where  the  media  depends  on  wireless 
technologies.  Specifically,  wireless 
microphones  operating  in  the  2.4GHz 
spectrum  will  be  given  priority“Our  goal 
is  to  make  sure  those  work  really  well,” 
Everett  says,  because  hundreds  of  media 
teams  will  be  using  wireless  micro¬ 
phones  on  the  arena  floor  and  in  the 
stands  to  interview  delegates  and  other 
attendees.  A  spectrum  coordinating 
committee  will  work  with  the  media  to 
inspect  and  check-in  wireless  devices  to 
minimize  interference  issues,  he  adds. 

As  for  cellular  networks,  the  wireless 
carriers  have  been  busy  upgrading 
their  services  in  the  Twin  Cities  area. 
“That’s  both  for  coverage  and  capaci¬ 
ty,”  Everett  says.“Not  only  do  they  want 
you  to  have  five  bars  on  your  phone, 
but  also  they  are  aware,  like  all  of  us 
are,  how  many  people  are  going  to 
have  BlackBerry  [devices],  wireless 
cell  cards,  things  like  that.” 

Verizon  Wireless,  for  instance,  has  spent  more 
than  $4  million  to  upgrade  its  network  in  antic¬ 
ipation  of  an  expected  33%  increase  in  voice 
calls  and  150%  increase  in  data  traffic  in  and 
around  the  convention  site. 

Next  up,  Costa  Rica? 

The  U.S.  Department  of  Homeland  Security 
has  designated  the  convention  a  National 
Special  Security  Event,  which  means  the  U.S. 
Secret  Service  leads  security  planning.  That 
takes  some  of  the  burden  off  Everett  and  the 
other  IT  staff,  particularly  for  things  such  as 
surveillance. 

But  IT  security  remains  a  key  concern  for 
Everett,  and  he’s  been  working  with  vendors 
including  Cisco  to  appropriately  batten  down 
the  convention’s  networks,  applications  and 
data.  Without  going  into  specifics  about  the  IT 
security  technologies  in  place,  Everett  says  the 
trick  is  providing  the  right  balance  between  a 
locked-down  network  and  one  that  is  accessi¬ 
ble  enough  to  let  convention  staff  and  volun¬ 
teers  arrive  at  the  arena  and  be  able  to  get  their 
work  done. 

Meanwhile,  Everett  says  his  biggest  challenge 
these  days  is  prioritizing  the  remaining  IT 
opportunities,  now  that  the  core  IT  projects  are 
nearing  completion. “There  are  a  lot  of  oppor¬ 
tunities  and  only  so  many  days  to  do  them.  We 
really  want  to  find  the  ones  that  are  the  best 
bang  for  the  buck,  the  ones  that  are  going  to 
engage  people  the  most.” 

On  Sept.  4,  he’ll  shift  his  focus  to  dismantling 
the  network,  recovering  the  IT  gear,  and  return¬ 
ing  donated  assets  to  their  proper  owners  or 
designated  charities.Tear-down  starts  right  after 
the  convention  closes  and  will  be  completed 
within  10  to  12  days,  he  estimates. 

After  that?  “I  have  no  idea  where  I’m  going 
after  this.  Maybe  to  Costa  Rica,”  Everett  muses. 
“I’m  not  sure  yet.”H 
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Milli  Vanilli,  the  Chinese  and  Apple 


emember  Milli  Vanilli,  the  late  ’80s  and 
early  ’90s  chart-topping  pop  duo  eventu¬ 
ally  exposed  as  lip-syncing  frauds?  Being 
“economical  with  the  truth”  (whether  outright 
lying  or  creating  a  breach  of  faith)  will  always 
be  discovered,  but  whether  there  are  conse¬ 
quences  depends  on  how  people  perceive  the 
untruth  and  how  they  are  affected. 

For  example,  I’ll  bet  that  —  like  me  —  when  you  first  saw  a  foot¬ 
ball  game  on  television  where  a  line  across  the  field  showing  the 
line  of  scrimmage  was  inserted  into  the  picture, you  were  mighty 
impressed.  What  a  cool  way  to  augment  reality!  Well,  the  same  kind 
of  overlay  technology  was  used  in  the  opening  ceremonies  of  the 
Beijing  Olympics  to  fake  a  fireworks  effect  that  would  have  been 
impossible  to  pull  off  in  the  real  world.  People  watching  the 
Olympics  opening  ceremonies  on  television,  including  on  the  giant 
screens  around  the  Beijing  National  Stadium  (the  “Bird’s  Nest”), 
saw  what  looked  like  a  chain  of  29  giant  footprints  apparently  pro¬ 
duced  by  fireworks  marching  across  the  sky  from  Tiananmen 
Square  to  the  stadium.  (If  you  missed  the  show,  you  can  find  the 
footprint  sequence  on  YouTube.)  The  effect  was  spectacular!  What 
an  incredible  concept.  But  it  was  a  complete  and  shameless  fraud, 
the  Milli  Vanilli  of  fireworks. 

What  was  sad  was  most  people  didn’t  know  they  were  seeing  a 
fake.The  TV  networks  didn’t  make  it  clear  and  the  Chinese  authori¬ 
ties  ’fessed  up  only  after  the  fact. The  consequences?  Nothing  of 
note,  because  only  people’s  perceptions  were  manipulated. The 
Chinese  government  has  no  shame.  End  of  story. 

Nearer  home,  however,  we  have  just  witnessed  some  high-tech 


duplicity  that  could  well  have  consequences.  I’m  referring  to 
Apple’s  “back  door”  in  the  latest  version  of  the  iPhone.This  is  how 
the  back  door  works:  You  buy  an  iPhone  and  go  to  Apple’s  App 
store  and  buy  an  application. Then  one  day,  out  of  the  blue,  the 
application  vanishes  from  your  iPhone.  No  warning,  no  choice  and 
probably  no  recourse. The  iPhone  has  a  back  door  that  lets  Apple 
delete  applications  as  it  sees  fit. 

Now,  according  to  Steve  Jobs,  Apple  hasn’t  used  this  “feature”  yet. 
Jobs  defended  the  need  for  it,  saying  that  Apple  “would  be  irresponsi¬ 
ble  not  to  have  a  lever  like  that  to  pull.” 

There  are  two  things  wrong  with  this.  First,  if  there’s  a  back  door,  it 
could  be  abused.  I  know  Apple  is  really,  really  good  at  software  engi¬ 
neering,  but  we  all  know  that  when  you  leave  a  back  door,  something 
is  more  or  less  guaranteed  to  creep  in. 

The  second  and  bigger  issue  is  that  Apple  didn’t  tell  people 
who  bought  the  iPhone  about  this  “feature.”  I  see  this  as  a  major 
breach  of  trust,  but  so  far  it  appears  people  are  either  ignorant 
about  it  or  indifferent  to  it,  and  thus  Apple  so  far  faces  no  conse¬ 
quences.  I  wonder  how  the  corporate  market  is  going  to  view  this 
attribute  of  the  iPhone? 

So,  here’s  the  thing:  The  Chinese  fake  fireworks  were  a  breach  of 
faith  because  they  presented  a  falsely  glorified  image,  but  no  one 
was  actually  harmed. The  Apple  iPhone  back  door  and  its  nondis¬ 
closure  also  are  a  breach  of  faith,  but  one  that  could  well  cause 
major  harm.  We  might  forgive  the  Chinese,  but  can  we  forgive 
Apple?  We  never  forgave  Milli  Vanilli. 

Gibbs  excuses  no  one  in  Ventura,  Calif.  Be  as  harsh  as  you  like  to 
backspin  @gibbs.  com. 


BACKSPIN 

Mark  Gibbs 


Fooling  Google  News  is  as  easy  as  s-p-o-o-f 


idid  it  last  week.  Not  that  I  was  trying,  mind 
you  —  honestly,  I  wasn’t.  I  did,  however,  pre¬ 
dict  it  would  happen, so  I’m  going  to  take 
this  opportunity  to  gloat  about  that. 

Granted,  I  have  seen  this  kind  of  thing  before 
on  Google  News  and  have  written  about  it,  as 
have  others.  This  is  the  first  example  involving 
one  of  my  own  writings,  though. 

In  a  nutshell,  Google  News  cannot  tell  the  dif¬ 
ference  between  real  news  stories  and  spoofs,  especially  when  the  real 
news  and  the  spoof  are  ostensibly  about  the  same  topic.  Google  News 
cannot  tell  the  difference  because  it  employs  no  human  editors  to  pick 
stories  for  its  front  page  and  because  the  software  it  relies  upon  instead 
has  no  sense  of  humor.  (I’m  partial  to  professional  editors, both  for  obvi¬ 
ous  pocketbook  reasons  and  because  they  know  how  to  laugh.) 

Here’s  what  happened:  You  probably  read  recently  the  ultimately 
futile  attempt  by  Massachusetts  transit  authorities  to  stop  three  MIT  stu¬ 
dents  from  talking  about  vulnerabilities  in  the  Bay  State’s  CharlieCard 
smart  card,  which  is  used  for  electronic  ticketing.  When  I  read  that  cov¬ 
erage,  it  immediately  triggered  an  earworm  featuring  The  Kingston  Trio’s 
classic  hit  “Charlie  on  the  MTA.”The  CharlieCard  is  named  in  honor  of 
that  particular  Charlie,  who,  if  you’re  familiar  with  the  lyrics,  also  is 
known  as  “the  man  who  never  returned.” 

The  combination  of  the  news  story  and  the  earworm  resulted  in  a 
Buzzblog  post:  a  spoof  purporting  to  be  an  “exclusive”  news  story  about 
how  those  MIT  students  investigating  the  CharlieCard  also  stumbled  on 
proof  that  Charlie,  rather  than  being  condemned  to  an  endless  ride 
aboard  Boston’s  notoriously  unfriendly  subway  system,  was  in  fact  noth¬ 
ing  but  a  henpecked  fraud.  (You  can  read  the  spoof  and  watch  The 
Kingston  Trio  at  www.nwdocfinder.com/6247.) 


Before  posting  that  bit  of  whimsy  to  the  World  Wide  Web,  I  had  a 
colleague  give  it  a  read.  I  know  it  might  get  me  kicked  out  of  the 
blogger’s  union,  but  I  occasionally  have  other  editors  read  my  stuff 
before  publishing,  as  much  to  gauge  possible  reader  reaction  as  to 
check  my  spelling  and  grammar.  “A  fine  piece  of  whimsy,”  my  gen¬ 
erous  colleague  replied  via  e-mail. “Brace  for  the  idiots  who’ll  think 
it’s  serious.” 

Now,  I’ve  encountered  my  share  of  idiots  along  the  way  but  I  could  not 
imagine  anyone  failing  to  recognize  this  particular  post  as  a  spoof,  so  I 
walked  over  to  my  friend’s  office  to  argue  the  point.“I  can’t  see  it,”  I  said, 
“but  it  won’t  surprise  me  if  Google  News  thinks  it’s  serious.” 

Less  than  an  hour  later,  my  spoof  sat  atop  the  knot  of  332  news  arti¬ 
cles  about  the  MIT  students  —  make  that  331  news  articles  plus  one 
spoof  —  that  Google  News  had  grouped  together  and  featured  on  its 
front  page.  And  there  it  sat  undisturbed  by  software  or  human  edito¬ 
rial  judgment  for  a  good  two  hours,  after  which  it  and  the  knot  faded 
into  yesterday’s  news. 

Not  that  I’m  complaining  —  writers  love  to  have  their  work  featured 
on  Google  News  (page  views  and  all  that)  —  but  1  can’t  help  wonder 
what  Google  News  readers  thought  when  they  encountered  a  spoof 
instead  of  what  Google  News  was  presenting  as  the  top-of-the-heap 
news  article  on  this  topic. 

In  the  grand  scheme  of  things,  this  shortcoming  on  the  part  of  Google 
News  isn’t  the  least  bit  important.  I  recognize  that. 

Yet  every  time  it  happens,  I  can’t  help  but  feel  just  a  little  bit  more 
secure  in  the  notion  that  there  will  always  be  a  place  in  the  news  dis¬ 
tribution  business  for  human  beings  —  at  least  until  software  gets  a 
sense  of  humor. 

Comments,  funny  or  otherwise,  should  be  directed  to  buzz@nww.com. 


NETBUZZ 

News,  Insights,  oddities 
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DNS  CHANGE  MAKERS 


I  designed  the  foundations  of  DNS  25  years  ago  to  be  simple  and  modular. 
That’s  how  dozens  of  extensions  have  been  successfully  added  over  the  years  to,  for  example, 
integrate  DNS  with  DHCP,  route  VOIP  calls,  lookup  RFID  tags,  and  use  international  character  sets.  All  aspects 
of  the  DNS  are  larger  now.  The  email  that  needed  one  DNS  lookup  in  1983  now  needs  dozens  for  delivery  and 

spam  checking  -  not  to  mention  a  billion  or  so  new  public  and  private  domain  names. 

But  don’t  let  this  seeming  complexity  get  you  down. 


The  first  key  for  dealing  with  this  challenge  is  to  select  tools  that  have  been  tested, 
proven  and  use  the  same  simple  and  modular  approach.  That  way,  effort  in  one 
application  helps  another.  At  Nominum,  we  tested  our  ENUM  servers  to  be 
sure  that  they  could  handle  DNS  databases  that  had  millions  of 
separate  zones  and  billions  of  resource  records  and  still 
deliver  instant  server  restarts  and  still  deliver  industry-leading 
performance.  That  meant  that  when  a  huge  antispam 
database  application  came  our  way  we  knew 
there  was  no  scaling  issue. 


Paul  Mockapetris,  Father  of  DNS,  invented  1983 


The  second  key  is  to  use  the  advanced  technology  to 
monitor  and  control  your  DNS  (and  DHCP)  systems. 

You  shouldn’t  expect  your  sysadmins  to  validate 
security  credentials  by  hand  or  learn  new  languages 
when  your  business  goes  international.  Human  error  is 
always  a  concern.  DNSStuff  uses  its  own  dedicated 
network  assets  to  monitor  your  DNS  systems  at  a  level 
of  detail  unmatched  by  other  tools,  then  it  uses  its 
proprietary  algorithms  to  give  you  the  most  specific 
results  and  actions  to  fix  any  problems.  When  new  DNS 
applications  and  extensions  are  added,  DNSStuff  tools 
are  there.  Not  all  DNS  tools  are  created  equal. 


■1  DNSstuff.com 

WHEN  GOOD  ISN’T  GOOD  ENOUGH. 


ALTERNATIVE  THINKING  ABOUT  ASSURANCE: 


Nobody  ever  got  fired  for  buying  a  dependable  server. 


I  V’  > 


mm 


There  is  a  certain  amount  of  confidence  that  comes  with  the  HP  ProLiant  DL385  G5  Server,  featuring  efficient  Quad-Core  AMD  Opteron™ 
processors.  Not  just  because  it  is  the  best-selling  server  of  its  kind  *  But  with  time-tested  features  like  Pre-Failure  Notification  and  Remote 
Access  Management,  it  unfailingly  delivers  on  the  promise  of  never  letting  I.T.  down. 


HP  ProLiant  DL385  G5 

$2275  (Save  $850) 


Lease  for  as  low  as  $54/mo'  for  48  months 
Smart  (PN:  464211-005) 

•  2  Quad-Core  AMD  Opteron™  processors 

•  Supports  small  form  factor,  high-performance 
SAS  or  low-cost  SATA  hard  drives 


Technology  for  better  business  outcomes. 


•  Redundant  Power 

•  Integrated  Lights-Out  (IL02),  Systems 
Insight  Manager,  SmartStart 


HP  StorageWorks  Ultrium 
448  Tape  Drive  SAS  Bundle 

$1649 


Lease  for  as  low  as  $39/mo'  for  48  r 


Smart  (PN:  AG739A) 

•  400  GB  compressed  capacity  in  half-height 
form  factor 


•  Ships  with  Data  Protector  Express  Software, 
One  Button  Disaster  Recovery,  q  HJ 
Rackmount  Kit,  and  a  Host  Bus  Adapter 


Get  More: 


'Based  on  IOC,  Worldwide  Quarterly  Server  Tracker,  February  2008.  In  Calendar  4Q  ‘07,  IOC  reported  worldwide  HP  ProLiant  server  shipments  at  681,445  units,  well  ahead 
499,715  units  at  #2.  IDC  also  reported  ProLiant  factory  revenue  at  $2,743  million  vs.  $1 ,580  million  for  Dell’s  PowerEdge  family.  Prices  shown  are  HP  Direct  prices;  reseller 
vary.  Prices  shown  are  subject  to  change  and  do  not  include  applicable  state  and  local  taxes  or  shipping  to  recipient's  address.  Offers  cannot  be  combined  with  any  other  offer 
good  while  supplies  last.  All  featured  offers  available  in  U.S.  only.  Savings  based  on  HP  published  list  prices  of  configure-to-order  equivalent  ($3125  -  $850  instant 
$2,275).  1 .  Financing  available  through  Hewlett-Packard  Financial  Services  Company  (HPFS)  to  qualified  commercial  customers  in  the  U.S.  and  subject  to  credit  approval 
HPFS  documentation.  Prices  shown  are  based  on  a  lease  of  48  months  in  terms  with  a  fair  market  value  purchase  option  at  the  end  of  the  term.  Rates  based  on  an  original 
$3,000  and  $25,000.  Other  rates  apply  for  other  terms  and  transaction  sizes.  Financing  available  on  transactions  greater  than  $349  through  September  30, 2008.  HPFS  reserves  the 
or  cancel  these  programs  at  any  time  without  notice.  AMD,  the  AMD  Arrow  logo,  AMD  Opteron,  and  combinations  thereof  are  trademarks  of  Advanced  Micro  Devices,  Inc.  ©2008 
Development  Company,  L.P.  The  information  contained  herein  is  subject  to  change  without  notice. 


10,000,000  I.T.  folks  can't  be  wrong. 

To  learn  more,  call  1-888-226-6653  or  visit  hp.com/go/dependable9 


■ 
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24x7,  4  hour  response,  3  years 
(PN:  UE894E)  $689 

Add  2  GB  additional  memory 
(PN:  408851-S21)  $159 


AMD 

Opteron 


